Re: [PATCH] PGP/GPG support for Balsa 1.3.5
- From: Brian Stafford <brian stafford uklinux net>
- To: Pawel Salek <pawsa TheoChem kth se>
- Cc: foxy free fr, Mailing-list Balsa <balsa-list gnome org>
- Subject: Re: [PATCH] PGP/GPG support for Balsa 1.3.5
- Date: Fri, 26 Apr 2002 09:01:44 +0100
On Fri 08:48, 26 April 2002 Pawel Salek wrote:
>
> On 2002.04.25 19:25 Laurent Cheylus wrote:
>>
>> this is my patch to support PGP/GPG with Balsa, modified for sources
>> of version 1.3.5 : http://foxy.free.fr/balsa-1.3.5-gpg.patch
>
> I tried to reply a message, and this patch crashed in strcpy in:
>
> +#ifdef USE_GPGME
> + /* Sign message with PGP/GPG */
> + body->buffer=g_malloc0(sizeof(gchar)*(strlen(buffer_tmp)+8*1024));
> +
> + if (msg_sign) {
> + sendmsg_window = (GtkWidget*) bsmsg->window;
> + libbalsa_gpg_sign_message(body->buffer,buffer_tmp);
> + }
> + else { strcpy(body->buffer,buffer_tmp); } <-- this line
> +#else
> + strcpy(body->buffer,buffer_tmp);
> +#endif
> + After the crash, the stack was somewhat damaged.
>
> -pawel
Using strcpy is fundamentally unsafe as it does not check that there is enough
room in the destination buffer. It is particularly to be avoided in "secure"
code. (I had my wrists smacked for this henious crime recently.)
The following might be a better substitute (it's better than strncpy anyway).
The destination buffer is never overflowed and, at worst, the copy of the
source string is truncated but \0 termination is guaranteed.
char *
safe_strcpy (char *dest, size_t destlen, const char *src)
{
size_t srclen = strlen (src);
if (srclen >= destlen)
srclen = destlen - 1;
memcpy (dest, src, srclen);
dest[srclen] = '\0';
return dest;
}
or alternatively, steal some code from libESMTP's concatenate.c.
Brian Stafford
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
