Package: no-ip Version: 2.1.1-4 Tags: patch Attached is a patch against noip2.c from the 2.1.1-4 source package in stable, based on the fixes made in 2.1.7-11 from unstable.
Please note: I can build the package, but I have not tested the patched client (it should work...) Cheers, Avi
--- noip2.c 2008-11-26 23:27:47.000000000 +0200
+++ noip2.patched.c 2008-11-26 23:27:41.000000000 +0200
@@ -421,7 +421,7 @@
volatile void wake_handler(int signum);
void save_IP();
int get_shm_info();
-void get_our_visible_IPaddr(char *dest);
+void get_our_visible_IPaddr(char *dest, size_t len);
void getip(char *dest, char *device);
int run_as_background();
int Sleep(int seconds);
@@ -447,7 +447,7 @@
int yesno(char *fmt, ...);
int add_to_request(int kind, char *p);
int get_update_selection(int tgrp, int thst);
-int GetNextLine(char *dest);
+int GetNextLine(char *dest, size_t len);
void url_encode(unsigned char *in, unsigned char *out);
void get_credentials(char *l, char *p);
void get_device_name(char *d);
@@ -561,7 +561,7 @@
return FATALERR;
if (*IPaddress == 0) {
if (nat)
- get_our_visible_IPaddr(IPaddress);
+ get_our_visible_IPaddr(IPaddress, sizeof(IPaddress));
else
getip(IPaddress, device);
}
@@ -912,7 +912,7 @@
while (background) {
delay = MAX(60, my_instance->interval * 60);
if (nat)
- get_our_visible_IPaddr(IPaddress);
+ get_our_visible_IPaddr(IPaddress, sizeof(IPaddress));
else
getip(IPaddress, device);
#ifdef DEBUG
@@ -1360,7 +1360,7 @@
return SUCCESS;
}
///////////////////////////////////////////////////////////////////////////
-void get_our_visible_IPaddr(char *dest)
+void get_our_visible_IPaddr(char *dest, size_t len)
{
int x;
char *p = NULL;
@@ -1378,7 +1378,8 @@
} else {
close(socket_fd);
if ((p = strrchr(buffer,'\n'))) {// get end of penultimate line
- strcpy(dest, ++p); // address on next line
+ strncpy(dest, ++p, len); // address on next line
+ dest[len - 1] = '\0';
#ifdef DEBUG
if (my_instance ? my_instance->debug : debug)
fprintf(stderr,"! Our NAT IP address is %s\n", dest);
@@ -1432,9 +1433,9 @@
// analyze results
offset = 0;
for (i=0; i<6; i++)
- GetNextLine(tbuf);
+ GetNextLine(tbuf, sizeof(tbuf));
response = 0;
- while (GetNextLine(tbuf)) {
+ while (GetNextLine(tbuf, sizeof(tbuf))) {
p = ourname = tbuf; // ourname points at the host/group or error
is_group = 1;
while (*p && (*p != ':')) {
@@ -1870,7 +1871,7 @@
return len;
}
//////////////////////////////////////////////////////////////////////////
-int GetNextLine(char *dest)
+int GetNextLine(char *dest, size_t len)
{
char *p = &buffer[offset];
char *q = dest;
@@ -1881,8 +1882,9 @@
}
while (*p) {
*q++ = *p;
+ len--;
offset++;
- if (*p == '\n') {
+ if (*p == '\n' || len == 0) {
*q = 0;
//fprintf(stderr, "LINE = %s", dest);
return 1;
@@ -2177,7 +2179,8 @@
p = buffer;
if ((*p >= '0') && (*p <= '9')) { // extract IP address
q = external_ip;
- while (((*p >= '0') && (*p <= '9')) || (*p == '.'))
+ while ((q - external_ip < sizeof(external_ip) - 1) &&
+ (((*p >= '0') && (*p <= '9')) || (*p == '.')))
*q++ = *p++;
*q = 0;
}
@@ -2212,8 +2215,8 @@
groups->nlink = NULL;
for (x=0; x<6; x++) // skip first 6 lines HTTP protocol stuff
- GetNextLine(line);
- while (GetNextLine(line)) {
+ GetNextLine(line, sizeof(line));
+ while (GetNextLine(line, sizeof(line))) {
p = line;
s = settings;
while (strncmp(p, s->keyword, s->len) != 0)
signature.asc
Description: OpenPGP digital signature
