Commit Graph

1243 Commits

Author SHA1 Message Date
Dan Cross
931c5625a3 Get rid of strncpy() calls.
The poorly named `strncpy` was originally written to
copy data into fixed-sized, disk-resident data structures
in an early version of the research Unix kernel.  Thus, it
has peculiar semantics: it takes source and destination
pointer arguments and a length and will *always* modify
exactly `length` bytes in the destination buffer.  If
the length of the source (which is presumed to be a
NUL-terminated C-stylestring) is `length` or more chars
long, then the result will not be NUL terminated.  If it
is less than `length` bytes long, then the result will be
padded with zeros up to `length`.

This is all well and good for storing a file name into a
fixed-width directory entry in 6th edition Unix, but it's
not useful as a general-purpose string utility.

Replaced with calls to strlcpy(), which always properly
terminates the destination but doesn't have the additional
zeroing behavior.  Since the buffers that we're copying
into were allocated with malloz(), and thus are guaranteed
to be filled with zeros, we're not leaking data, but not
double-zeroing either.

A few other things were changed. Lengths of destination
buffers are now given via `sizeof` instead of manifest
constants.  One call to `memcpy` took the length from the
size of the source argument, thus possibly writing beyond
the end of the destination buffer.  Changed to a call to
strlcpy() with length the sizeof destination.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-16 10:59:53 +10:00
Andrew Pamment
f01cd5f1a6 Change file_id.diz to test post-receive hook 2018-10-15 14:51:37 +10:00
Andrew Pamment
7dddbde063 Fix www messages sending 2018-10-15 10:46:49 +10:00
Andrew Pamment
9d728d9a29 couple of minor fixes 2018-10-15 10:31:28 +10:00
Dan Cross
9bfc4ffbe5 More string cleanups.
In bluewave.c mostly.  There are a few places left where sprintf()
is called directly; these should be recast in terms of a stralloc
or possibly strlcat.

One small whitespace change in www_files.c.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-15 10:20:20 +10:00
Dan Cross
40570f0fd0 www cleanups.
Use ptr_vectors in the WWW code to parse mime types,
headers in POST requests, etc.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-15 10:20:14 +10:00
Andrew Pamment
e32addbe59 Merge branch 'master' of git.magickabbs.com:/home/andrew/repositories/MagickaBBS 2018-10-14 22:27:53 +10:00
Andrew Pamment
0b9bdd77d5 Fix for random crap at the end of messages
commit changes to STRINGS.CHANGES I must have forgot to commit
2018-10-14 22:27:27 +10:00
Andrew Pamment
e61ffe98c3 fix file size on web 2018-10-14 15:32:42 +10:00
Dan Cross
267dbf15b8 Clean up string logic in www_files.c.
Use stralloc() etc here.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-14 15:28:16 +10:00
Andrew Pamment
b500a450dd Couple of minor fixes
Duplicate string in www_email
fread returns number of elements read not number of bytes
Missing clear screen after my changing of strings
2018-10-14 10:46:52 +10:00
Dan Cross
303810acaa Trivial formatting cleanups
Just another clang-format run to catch regressions that
have snuck in via other patches.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-14 10:35:29 +10:00
Dan Cross
2de957db34 Modify HTML generation code to use stralloc.
Replace most remaining uses of sprintf() into a `buffer`
variable followed by realloc() and strcat() with direct
use of stralloc.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-14 10:35:23 +10:00
Dan Cross
42eb413c91 More changing formatting to use stralloc.
Specifically, change the www_last10 HTML rendering logic
to use stralloc and strftime().  This eliminates a lot of
duplication.

It would be easier to test this with a unit test if the
logic of reading the last10 entries from a file were
separated from the HTML rendering logic.  An area for
future enhancement.

Also start in on www_email.c, which is the last bastion
of significant realloc() use for page generation.  An
explicit goal is to get rid of unsafe string handling
functions such as strcpy, strcat, sprintf, etc.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-14 10:35:18 +10:00
Andrew Pamment
0ade566c11 fix for message sending 2018-10-13 20:14:31 +10:00
Andrew Pamment
0cbefa834f Merge branch 'master' of git.magickabbs.com:/home/andrew/repositories/MagickaBBS 2018-10-13 20:04:25 +10:00
Andrew Pamment
d9a350631c some fixes for area selection and message list header 2018-10-13 20:03:58 +10:00
Dan Cross
f2288e9cec More adoption of stralloc for string handling.
Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-13 10:22:44 +10:00
Dan Cross
7bf6e05170 Fix a buffer overflow in bluewave.c.
strcat()'ing a string onto the result of file2str()
will result in a buffer overflow, since file2str()
only allocates enough memory to hold the contents of
the file (plus a NUL terminator).  This happend in
`bluewave.c`.

Instead, use `file2stralloc` to read the contents of
that file into a stralloc, which we can stralloc_cats
onto without fear of overflow.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-13 10:22:40 +10:00
Dan Cross
aba49d7a20 Added file2stralloc to read a file directly into a stralloc.
Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-13 10:22:33 +10:00
Andrew Pamment
7986d00b71 another netbsd fix 2018-10-12 19:44:50 +10:00
Andrew Pamment
5b007071e3 fix netbsd makefile 2018-10-12 19:40:15 +10:00
Andrew Pamment
1541033dbd Final fix for dragonfly 2018-10-12 18:13:37 +10:00
Andrew Pamment
c3636ec6d5 More dragonfly fixes 2018-10-12 18:11:05 +10:00
Andrew Pamment
943d5c0e18 fix capitalization 2018-10-12 17:51:10 +10:00
Andrew Pamment
0b76ae3cb6 Fixes for dragonflybsd 2018-10-12 17:48:26 +10:00
Andrew Pamment
800e13009f Fix unending RE:re:re: etc 2018-10-12 17:25:30 +10:00
Andrew Pamment
d4329eb287 Makefile tweaks for sunos and macos 2018-10-12 15:58:29 +10:00
Andrew Pamment
40c52836f9 Fix a couple of bugs 2018-10-12 11:11:44 +10:00
Dan Cross
37bcd31ff2 Clean up some of the page generation logic in www_msgs.c.
More application of stralloc.  Needs to be tested.  :-)

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-12 10:13:12 +10:00
Dan Cross
0a91165b07 Clean up blog code (particularly the www side).
Make `blog_load` return a ptr_vector which is
consumed by the code that uses blog entries.
Greatly clean up WWW page generation by using
stralloc and strftime and the ptr_vector
infrastructure.

Needs to be tested. :-)

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-12 10:13:04 +10:00
Dan Cross
9b4238209e Check in a file that autotools keeps modifying.
This is a file that some component of autotools keeps
clobbering.  Check in what it produces.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-12 10:12:55 +10:00
Dan Cross
cf766e3e67 Trivial clang-format changes
Changes from a clang-format run.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-12 10:12:45 +10:00
Dan Cross
e548c94750 mail_menu.c: Remove external lines counter in editor.
The pointer vector maintaining `content` in `editor` already
keeps track of the number of lines and makes it available via
a call to `ptr_vector_len` (or one could look at th `len`
member of the ptr_vector struct...this is C, not some fancy
object oriented language with data hiding).  Delete the `lines`
local variable and just use ptr_vector_len where necessary.

Sorry; I should have done that in the first sweep through that
code.  My bad!

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-12 10:12:36 +10:00
Andrew Pamment
37e728b749 Fix for line numbers on internal editor 2018-10-11 22:04:48 +10:00
Dan Cross
d8c32639e4 Trivial whitespace cleanups
Delete trailing whitespace at the ends of lines;
ensure files have newlines at the end.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 21:36:35 +10:00
Dan Cross
1c7849b724 Fix a bug in stralloc_starts() and add a test.
strcalloc_starts() should have tested the return value
of `memcmp` against 0 for equality.  Fixed and added a
test case.

As an aside, one might wonder how bugs like that are
creeping into well-tested code imported from other
projects?  The answer, specific to stralloc, is that
the original code was very specific to qmail, and used
a number of additional functions specific to qmail.

Rather than import half of qmail, the version imported
into Magicka has been reworked to, instead, use
standard C functions.  The process of modifying the
code gave rise to the opportunity for bugs to creep in.
Now that a unit testing framework is in place, we can
test things in isolation more easily and hopefully
catch such things BEFORE they are published to the
master repository.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 21:36:29 +10:00
Dan Cross
33beceadd3 CuTest: add Makefile, remove unsafe string operations
Replace unsafe string operations (strcpy, strcat,
sprintf, vsprintf) with safe equivalents:

1. The one use of strcpy into an allocated buffer was
   replaced with strdup.
2. The one use of strcat was replaced with a call to
   memmove and explicitly setting the NUL terminating
   byte.
3. sprintf()/vsprintf() calls were replaced with calls
   to snprintf()/vsnprintf(), respectively.

Added a Makefile to build the library as, er, a library
and run the test suite.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 21:36:23 +10:00
Dan Cross
5879cc6f49 Import CuTest-1.5.
CuTest is a relatively simple unit testing framework for
C code.  It is distributed under the zlib license; this
is an import of the pristine sources.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 21:36:15 +10:00
Andrew Pamment
15d09ed57a Fix a couple of bugs, one in stralloc and one uninitialized ptr vector 2018-10-11 15:25:00 +10:00
Dan Cross
6d30116ed9 Import strlcpy/strlcat from OpenBSD, start using them.
strcpy()/strcat() are inherently dangerous, even when
used with great care.  strlcpy() and strlcat() are
much safer replacements, and are available from OpenBSD
under a very liberal license.  Import them and start
using them.

Between pointer vectors, malloz, stralloc and now
strlcpy/strlcat, Magicka has much safer, simpler and
more performant infrastructure for dealing with
strings and dynamic collections of various kinds.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 13:58:49 +10:00
Dan Cross
77bf763939 Start using stralloc.
Clean up a few web page generation functions.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 13:58:03 +10:00
Andrew Pamment
e196292503 Merge branch 'master' of ssh://git.magickabbs.com/home/andrew/repositories/MagickaBBS 2018-10-11 11:47:53 +10:00
Dan Cross
9a7ceeee3d Import a (modernized) version of djb's stralloc library.
Lots of code in Magicka is involved in dynamic string manipulation.
`stralloc` isn't a bad library for this sort of thing.

Note that this is complements, but doesn't replace, existing string
utilities.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 11:45:12 +10:00
Dan Cross
82b6ec3a3b More use of ptr_vector; avoid unnecessary copies.
Recast more code in terms of the ptr_vector abstraction.

The mail_menu.c code also made a lot of unnecessary copies
of strings.  For example, there was this code sequence:

    for (i = z; i < lines - 1; i++) {
            free(content[i]);
            content[i] = strdup(content[i + 1]);
    }
    free(content[i]);
    lines--;
    content = (char **)realloc(content, sizeof(char *) * lines);

Here, `content` represents an array of lines of text.
This code is removing an element from somewhere in that
array (possibly in the middle), and then shifting the
remaining elements over one position.

But observe the calls to `free` and `strdup` in the loop
body: the content is already dynamically allocated.  We
free whatever was in the selected position, and then make
*another copy* of the data in the next position to put
into the now-available slot in the array: repeat for the
remainder of the array's elements.

Instead, we could change this code to just shift things
down:

    free(content[z]);
    for (i = z; i < (lines - 1); ++i)
            content[i] = content[i + 1];
    --lines;
    ncontent = realloc(content, sizeof(char *) * lines);
    assert(ncontent == NULL);
    content = ncontent;

However, the ptr_vector abstraction provides us a function,
`ptr_vector_del` that deletes an element from the array and
returns the pointer, so we can rewrite this as simply:

    free(ptr_vector_del(&content, z));

No additional malloc()/free() required, which means less
pressure on the memory allocator and less copying of data.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
2018-10-11 11:44:19 +10:00
Andrew Pamment
d80037d30e build magimail 2018-10-10 11:47:09 +10:00
Andrew Pamment
dd1b386ff8 fix the makefile fix 2018-10-10 11:30:01 +10:00
Andrew Pamment
38ace58668 fix build script 2018-10-10 11:22:38 +10:00
Andrew Pamment
f70565325e fix bug in new ptr vector append 2018-10-10 11:12:04 +10:00
Andrew Pamment
5e797ed2c3 change egcc to cc for FreeBSD 2018-10-10 10:36:24 +10:00