linuxdcpp-team team mailing list archive

[noreply@xxxxxxxxxxxxx]

------------------------------------------------------------
revno: 2398
committer: poy <poy@xxxxxxxxxx>
branch nick: trunk
timestamp: Tue 2011-01-25 13:17:48 +0100
message:
  check strftime errors
modified:
  changelog.txt
  dcpp/Util.cpp
  win32/WinUtil.cpp


--
lp:dcplusplus
https://code.launchpad.net/~dcplusplus-team/dcplusplus/trunk

Your team Dcplusplus-team is subscribed to branch lp:dcplusplus.
To unsubscribe from this branch go to https://code.launchpad.net/~dcplusplus-team/dcplusplus/trunk/+edit-subscription

=== modified file 'changelog.txt'
--- changelog.txt	2011-01-12 15:19:02 +0000
+++ changelog.txt	2011-01-25 12:17:48 +0000
@@ -1,3 +1,5 @@
+* Prevent a remote crash triggered via malformed user commands (poy)
+
 -- 0.781 2011-01-12 --
 * Add a dummy serial number to TLS certs to satisfy some parsers (poy)
 * Avoid loading unprocessed file lists on exit (poy)

=== modified file 'dcpp/Util.cpp'
--- dcpp/Util.cpp	2011-01-02 17:12:02 +0000
+++ dcpp/Util.cpp	2011-01-25 12:17:48 +0000
@@ -804,19 +804,23 @@
 }
 
 string Util::formatTime(const string &msg, const time_t t) {
-	if (!msg.empty()) {
-		size_t bufsize = msg.size() + 256;
-		struct tm* loc = localtime(&t);
-
+	if(!msg.empty()) {
+		tm* loc = localtime(&t);
 		if(!loc) {
 			return Util::emptyString;
 		}
 
+		size_t bufsize = msg.size() + 256;
 		string buf(bufsize, 0);
 
+		errno = 0;
+
 		buf.resize(strftime(&buf[0], bufsize-1, msg.c_str(), loc));
 
 		while(buf.empty()) {
+			if(errno == EINVAL)
+				return Util::emptyString;
+
 			bufsize+=64;
 			buf.resize(bufsize);
 			buf.resize(strftime(&buf[0], bufsize-1, msg.c_str(), loc));

=== modified file 'win32/WinUtil.cpp'
--- win32/WinUtil.cpp	2011-01-09 14:54:10 +0000
+++ win32/WinUtil.cpp	2011-01-25 12:17:48 +0000
@@ -61,6 +61,7 @@
 extern "C" {
 	void HH_GS_CALL __GSHandlerCheck() { }
 	void HH_GS_CALL __security_check_cookie(uintptr_t) { }
+	uintptr_t __security_cookie;
 }
 #undef HH_GS_CALL
 #endif