aboutsummaryrefslogtreecommitdiffstats
path: root/debian/patches/01-w3m-dev-01500
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--debian/patches/01-w3m-dev-01500152
1 files changed, 152 insertions, 0 deletions
diff --git a/debian/patches/01-w3m-dev-01500 b/debian/patches/01-w3m-dev-01500
new file mode 100644
index 0000000..9781ab9
--- /dev/null
+++ b/debian/patches/01-w3m-dev-01500
@@ -0,0 +1,152 @@
+PATCH: -p0
+To: w3m-dev@mi.med.tohoku.ac.jp
+Subject: [w3m-dev 01500] fix risky code in url.c
+From: Hironori Sakamoto <h-saka@lsi.nec.co.jp>
+Delivered-To: ukai@ukai.org
+Delivered-To: ukai@debian.or.jp
+Date: Wed, 13 Dec 2000 12:02:11 +0900 (JST)
+Reply-To: w3m-dev@mi.med.tohoku.ac.jp
+Message-Id: <200012130302.MAA21605@udlew10.uldev.lsi.nec.co.jp>
+X-ML-Name: w3m-dev
+X-Mail-Count: 01500
+X-MLServer: fml [fml 3.0]; post only (only members can post)
+X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address w3m-dev-ctl@mi.med.tohoku.ac.jp; help=<mailto:w3m-dev-ctl@mi.med.tohoku.ac.jp?body=help>
+X-Sender: w3m-dev-admin@mi.med.tohoku.ac.jp
+
+$B:dK\$G$9!#(B
+
+url.c $B$K$"$C$?4m81@-$N$"$k%3!<%I$r=$@5$7$^$7$?!#(B
+local.c $B$O$*$^$1$N=$@5$G$9!#(B
+
+# m18n $B$G(B URL $B$d(B file $BL>$NJ8;z%3!<%I$r??LLL\$K%A%'%C%/$7$F$$$k2aDx$G(B
+# $B8+$D$1$?$N$G$9$,!"$+$J$jBgJQ!#K\Ev$O%*%j%8%J%kHG$G$b$d$i$J$$$H(B
+# $B$$$1$J$$$1$I!#(B
+-----------------------------------
+$B:dK\(B $B9@B'(B <hsaka@mth.biglobe.ne.jp>
+ http://www2u.biglobe.ne.jp/~hsaka/
+
+--- url.c.orig Wed Dec 13 10:39:47 2000
++++ url.c Wed Dec 13 10:46:33 2000
+@@ -517,7 +517,7 @@
+ parseURL(char *url, ParsedURL * p_url, ParsedURL * current)
+ {
+ char *p, *q;
+- char tmp[LINELEN];
++ Str tmp;
+ int i;
+
+ p = url;
+@@ -548,10 +548,10 @@
+ ++url;
+ }
+ if (IS_ALPHA(*url) && (url[1] == ':' || url[1] == '|')) {
+- if(url[1]=='|')
+- url[1]=':';
+ p_url->scheme = SCM_LOCAL;
+- p_url->file = allocStr(url, 0);
++ p_url->file = p = allocStr(url, 0);
++ if(p[1]=='|')
++ p[1]=':';
+ }
+ if (p_url->scheme == SCM_LOCAL)
+ goto analyze_file;
+@@ -626,9 +626,8 @@
+ p_url->host = NULL;
+ goto analyze_url;
+ }
+- strncpy(tmp, q, p - q);
+- tmp[p - q] = '\0';
+- p_url->port = atoi(tmp);
++ tmp = Strnew_charp_n(q, p - q);
++ p_url->port = atoi(tmp->ptr);
+ if (*p == '\0') { /* scheme://host:port */
+ /* scheme://user@host:port */
+ /* scheme://user:pass@host:port */
+@@ -675,14 +674,14 @@
+ #ifdef USE_GOPHER
+ if (p_url->scheme == SCM_GOPHER && *p == 'R') {
+ p++;
+- q = tmp;
+- *q++ = *p++;
++ tmp = Strnew();
++ Strcat_char(tmp, *(p++));
+ while (*p && *p != '/')
+ p++;
++ Strcat_charp(tmp, p);
+ while (*p)
+- *q++ = *p++;
+- *q = '\0';
+- p_url->file = copyPath(tmp, -1, COPYPATH_SPC_IGNORE);
++ p++;
++ p_url->file = copyPath(tmp->ptr, -1, COPYPATH_SPC_IGNORE);
+ }
+ else
+ #endif /* USE_GOPHER */
+--- local.c.orig Wed Dec 13 10:39:44 2000
++++ local.c Wed Dec 13 11:55:40 2000
+@@ -19,7 +19,7 @@
+ Directory *dir;
+ struct stat st;
+ char **flist;
+- char *p, *qdir, *q;
++ char *p, *qdir;
+ Str fbuf = Strnew();
+ #ifdef READLINK
+ struct stat lst;
+@@ -29,10 +29,10 @@
+ int nfile, nfile_max = 100;
+ Str dirname;
+
+- dirname = Strnew_charp(dname);
+- d = opendir(dirname->ptr);
++ d = opendir(dname);
+ if (d == NULL)
+ return NULL;
++ dirname = Strnew_charp(dname);
+ qdir = htmlquote_str(dirname->ptr);
+ tmp = Sprintf("<title>Directory list of %s</title><h1>Directory list of %s</h1>\n", qdir, qdir);
+ flist = New_N(char *, nfile_max);
+@@ -65,7 +65,7 @@
+ if (strcmp(p, ".") == 0)
+ continue;
+ Strcopy(fbuf, dirname);
+- if (Strlastchar(dirname) != '/')
++ if (Strlastchar(fbuf) != '/')
+ Strcat_char(fbuf, '/');
+ Strcat_charp(fbuf, p);
+ #ifdef READLINK
+@@ -76,7 +76,7 @@
+ continue;
+ if (multicolList) {
+ if (n == 1)
+- Strcat_charp(tmp, "<TD>");
++ Strcat_charp(tmp, "<TD><NOBR>");
+ }
+ else {
+ if (S_ISDIR(st.st_mode))
+@@ -88,20 +88,16 @@
+ else
+ Strcat_charp(tmp, "[FILE] ");
+ }
+- q = htmlquote_str(p);
+- Strcat_m_charp(tmp, "<A HREF=\"file://", qdir, NULL);
+- if (dirname->ptr[dirname->length - 1] != '/')
+- Strcat_char(tmp, '/');
+- Strcat_charp(tmp, q);
++ Strcat_m_charp(tmp, "<A HREF=\"", htmlquote_str(fbuf->ptr), NULL);
+ if (S_ISDIR(st.st_mode))
+ Strcat_char(tmp, '/');
+- Strcat_m_charp(tmp, "\">", q, NULL);
++ Strcat_m_charp(tmp, "\">", htmlquote_str(p), NULL);
+ if (S_ISDIR(st.st_mode))
+ Strcat_char(tmp, '/');
+ Strcat_charp(tmp, "</a>");
+ if (multicolList) {
+ if (n++ == nrow) {
+- Strcat_charp(tmp, "</TD>\n");
++ Strcat_charp(tmp, "</NOBR></TD>\n");
+ n = 1;
+ }
+ else {
+
+