From 7a90af4d33efb6bf9c7840e631861d2989c1555b Mon Sep 17 00:00:00 2001 From: Ron Steinke Date: Fri, 24 Aug 2001 20:02:41 +0000 Subject: [PATCH] Modified Files: glib/ChangeLog glib/glib/giochannel.c Modified Files: glib/ChangeLog glib/glib/giochannel.c * glib/giochannel.c: Matthias Clasen's fix for the buffer corruption bug by setting outbuf _after_ the call to g_string_set_size() * glib/giochannel.c: kept the buffers from perpetually growing by subtracting 1 from allocated_len in the calculation of available space to account for the null at the end of the buffer * glib/giochannel.c: fixed g_io_channel_write_chars() to not write more than space_in_buf bytes for the UTF-8 case --- ChangeLog | 14 ++++++++++++++ ChangeLog.pre-2-0 | 14 ++++++++++++++ ChangeLog.pre-2-10 | 14 ++++++++++++++ ChangeLog.pre-2-12 | 14 ++++++++++++++ ChangeLog.pre-2-2 | 14 ++++++++++++++ ChangeLog.pre-2-4 | 14 ++++++++++++++ ChangeLog.pre-2-6 | 14 ++++++++++++++ ChangeLog.pre-2-8 | 14 ++++++++++++++ glib/giochannel.c | 42 ++++++++++++++++++++++++++++-------------- 9 files changed, 140 insertions(+), 14 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1b7b30c..a0d66a2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-0 b/ChangeLog.pre-2-0 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-0 +++ b/ChangeLog.pre-2-0 
@@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-10 b/ChangeLog.pre-2-10 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-10 +++ b/ChangeLog.pre-2-10 @@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-12 b/ChangeLog.pre-2-12 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-12 +++ b/ChangeLog.pre-2-12 
@@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-2 b/ChangeLog.pre-2-2 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-2 +++ b/ChangeLog.pre-2-2 @@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-4 b/ChangeLog.pre-2-4 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-4 +++ b/ChangeLog.pre-2-4 
@@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-6 b/ChangeLog.pre-2-6 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-6 +++ b/ChangeLog.pre-2-6 @@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/ChangeLog.pre-2-8 b/ChangeLog.pre-2-8 index 1b7b30c..a0d66a2 100644 --- a/ChangeLog.pre-2-8 +++ b/ChangeLog.pre-2-8 
@@ -1,3 +1,17 @@ +2001-08-24 Ron Steinke + + * glib/giochannel.c: Matthias Clasen's fix for + the buffer corruption bug by setting outbuf _after_ + the call to g_string_set_size() + + * glib/giochannel.c: kept the buffers from perpetually + growing by subtracting 1 from allocated_len in the calculation + of available space to account for the null at the end of the + buffer + + * glib/giochannel.c: fixed g_io_channel_write_chars() + to not write more than space_in_buf bytes for the UTF-8 case + Fri Aug 24 11:15:46 2001 Owen Taylor * glib/gstrfuncs.c docs/Changes-2.0.txt: Patch from Darin diff --git a/glib/giochannel.c b/glib/giochannel.c index e53f567..890cb1d 100644 --- a/glib/giochannel.c +++ b/glib/giochannel.c @@ -1207,15 +1207,16 @@ g_io_channel_fill_buffer (GIOChannel *channel, reencode: inbytes_left = channel->read_buf->len; - outbytes_left = MAX (6, MAX (channel->read_buf->len, + outbytes_left = MAX (channel->read_buf->len, channel->encoded_read_buf->allocated_len - - channel->encoded_read_buf->len)); + - channel->encoded_read_buf->len - 1); /* 1 for NULL */ + outbytes_left = MAX (outbytes_left, 6); inbuf = channel->read_buf->str; - outbuf = channel->encoded_read_buf->str + channel->encoded_read_buf->len; - g_string_set_size (channel->encoded_read_buf, channel->encoded_read_buf->len + outbytes_left); + outbuf = channel->encoded_read_buf->str + channel->encoded_read_buf->len + - outbytes_left; errnum = g_iconv (channel->read_cd, &inbuf, &inbytes_left, &outbuf, &outbytes_left); @@ -1958,8 +1959,8 @@ g_io_channel_write_chars (GIOChannel *channel, } } - space_in_buf = MAX (channel->buf_size, channel->write_buf->allocated_len) - - channel->write_buf->len; + space_in_buf = MAX (channel->buf_size, channel->write_buf->allocated_len - 1) + - channel->write_buf->len; /* 1 for NULL */ /* This is only true because g_io_channel_set_buffer_size () * ensures that channel->buf_size >= MAX_CHAR_SIZE. 
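Review bot: Nothing at the new `outbuf = channel->encoded_read_buf->str + channel->encoded_read_buf->len - outbytes_left;` says why it has to come after `g_string_set_size ()`, yet per the commit message that ordering is the buffer-corruption fix. A one-line comment above the assignment, e.g. `/* g_string_set_size () may move ->str; compute outbuf only after it */`, would keep a later cleanup from hoisting the pointer back above the resize. The g_iconv branch in the last hunk of g_io_channel_write_chars() uses the same pattern and wants the same comment. The body of g_io_channel_fill_buffer starts and ends outside this hunk.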
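Review bot: The expression `MAX (channel->buf_size, channel->write_buf->allocated_len - 1) - channel->write_buf->len` silently relies on `allocated_len` always exceeding `len`. If these fields are unsigned (their declarations are not on this page), a violation would wrap to a huge `space_in_buf` rather than a negative one, and later hunks use that value as a length bound for the resize and for g_iconv's output size. Stating the assumption next to the arithmetic, or checking it with `g_assert (channel->write_buf->allocated_len > channel->write_buf->len);`, would make the bound auditable. The same applies to `allocated_len - channel->encoded_read_buf->len - 1` in the g_io_channel_fill_buffer hunk. The trailing `/* 1 for NULL */` also sits on the `- channel->write_buf->len` line rather than on the `- 1` it explains and means the terminating NUL byte; `/* -1: room for the terminating NUL */` on the first line would read correctly.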
@@ -2002,17 +2003,18 @@ g_io_channel_write_chars (GIOChannel *channel, reconvert: - if (!channel->do_encode) + if (!channel->do_encode) /* UTF-8 encoding */ { const gchar *badchar; + gsize try_len = MIN (from_buf_len, space_in_buf); /* UTF-8, just validate, emulate g_iconv */ - if (!g_utf8_validate (from_buf, from_buf_len, &badchar)) + if (!g_utf8_validate (from_buf, try_len, &badchar)) { gunichar try_char; - left_len = from_buf + from_buf_len - badchar; + left_len = from_buf + try_len - badchar; try_char = g_utf8_get_char_validated (badchar, left_len); @@ -2020,16 +2022,27 @@ reconvert: { case -2: g_assert (left_len < 6); - errnum = EINVAL; + if (try_len == from_buf_len) + { + errnum = EINVAL; + err = (size_t) -1; + } + else + { + errnum = 0; + err = (size_t) -1; + } break; case -1: + g_warning ("Invalid UTF-8 passed to g_io_channel_write_chars()."); + /* FIXME bail here? */ errnum = EILSEQ; + err = (size_t) -1; break; default: g_assert_not_reached (); errnum = 0; /* Don't confunse the compiler */ } - err = (size_t) -1; } else { @@ -2039,17 +2052,18 @@ reconvert: } g_string_append_len (channel->write_buf, from_buf, - from_buf_len - left_len); - from_buf += from_buf_len - left_len; + try_len - left_len); + from_buf += try_len - left_len; } else { gchar *outbuf; left_len = from_buf_len; - outbuf = channel->write_buf->str + channel->write_buf->len; g_string_set_size (channel->write_buf, channel->write_buf->len + space_in_buf); + outbuf = channel->write_buf->str + channel->write_buf->len + - space_in_buf; err = g_iconv (channel->write_cd, (gchar **) &from_buf, &left_len, &outbuf, &space_in_buf); errnum = errno; -- 2.7.4
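Review bot: The new `gsize try_len = MIN (from_buf_len, space_in_buf);` has no comment explaining that clamping to `space_in_buf` can end the validated range in the middle of a multi-byte character. In that case `g_utf8_validate (from_buf, try_len, &badchar)` fails on input that is valid as a whole, which is why the next hunk has to tell `try_len == from_buf_len` apart from a clamped slice. A comment on the declaration, e.g. `/* may cut a character in half; an incomplete tail is only an error when try_len == from_buf_len */`, would tie the two together. The enclosing `reconvert:` block continues past this hunk.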
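Review bot: Moving `err = (size_t) -1;` from after the switch into the individual cases leaves the `default:` arm setting only `errnum`. In a build where `g_assert_not_reached ()` is compiled out, `err` would then carry whatever value it had before the switch; add `err = (size_t) -1;` next to `errnum = 0;` there. Separately, both arms of `if (try_len == from_buf_len)` in `case -2:` assign the same `err = (size_t) -1;`, so the clamped-slice arm reports a failure with `errnum = 0`. The code that consumes `err` and `errnum` is outside the hunk, so this is inferred, but if a character cut in half by the `space_in_buf` clamp is not meant to be an error, that arm presumably wants `err = (size_t) 0;`. If it is meant to be one, collapse the two arms into `errnum = (try_len == from_buf_len) ? EINVAL : 0;` and document what the zero means.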
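Review bot: In the UTF-8 branch `left_len` is now measured against `try_len`, so after `from_buf += try_len - left_len;` it no longer includes the `from_buf_len - try_len` bytes that the clamp set aside. The g_iconv branch in the same hunk starts from `left_len = from_buf_len`, which suggests that the code after the hunk (not visible here) reads `left_len` as "input bytes not yet consumed". If so, the UTF-8 path undercounts whenever `space_in_buf < from_buf_len`, and the caller could be told that more was written than actually was. Adding the remainder back after the append, something like `left_len += from_buf_len - try_len;`, or a comment stating that `left_len` is relative to `try_len` here, would make the two branches agree.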