Fix to prevent possible buffer overflows

2000-08-28 Jeffrey Stedfast <fejj@helixcode.com> * mail-crypto.c (mail_crypto_openpgp_encrypt): Fix to prevent possible buffer overflows svn path=/trunk/; revision=5070
author: Jeffrey Stedfast <fejj@helixcode.com> 2000-08-28 11:58:49 +0800
committer: Jeffrey Stedfast <fejj@src.gnome.org> 2000-08-28 11:58:49 +0800
commit: 08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce (patch)
tree: 9002dec0a26014108a87c31ccc6c4640663e72a5 /mail/mail-crypto.c
parent: 27084dc009197c71bd4162dc26b9f821ebf4863d (diff)
download: gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar
gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.gz
gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.bz2
gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.lz
gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.xz
gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.zst
gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.zip
1 files changed, 37 insertions, 34 deletions
diff --git a/mail/mail-crypto.c b/mail/mail-crypto.c
index bb9ae5f7e0..5ec218e334 100644
--- a/mail/mail-crypto.c
+++ b/mail/mail-crypto.c
@@ -428,8 +428,9 @@ mail_crypto_openpgp_encrypt (const char *plaintext,
 			     gboolean sign, CamelException *ex)
 {
 	GPtrArray *recipient_list = NULL;
+	GPtrArray *argv;
 	int retval, i, r;
-	char *path, *argv[15];
+	char *path;
 	char *passphrase = NULL, *ciphertext = NULL, *diagnostics = NULL;
 	int passwd_fds[2];
 	char passwd_fd[32];
@@ -453,7 +454,7 @@ mail_crypto_openpgp_encrypt (const char *plaintext,
 		}
 	}
 	
-	i = 0;
+	argv = g_ptr_array_new ();
 #if defined(GPG_PATH)
 	path = GPG_PATH;
 	
@@ -466,27 +467,27 @@ mail_crypto_openpgp_encrypt (const char *plaintext,
 		g_ptr_array_add (recipient_list, buf);
 	}
 	
-	argv[i++] = "gpg";
-	argv[i++] = "--verbose";
-	argv[i++] = "--yes";
-	argv[i++] = "--batch";
+	g_ptr_array_add (argv, "gpg");
+	g_ptr_array_add (argv, "--verbose");
+	g_ptr_array_add (argv, "--yes");
+	g_ptr_array_add (argv, "--batch");
 	
-	argv[i++] = "--armor";
+	g_ptr_array_add (argv, "--armor");
 	
 	for (r = 0; r < recipient_list->len; r++)
-		argv[i++] = recipient_list->pdata[r];
+		g_ptr_array_add (argv, recipient_list->pdata[r]);
 	
-	argv[i++] = "--output";
-	argv[i++] = "-";            /* output to stdout */
+	g_ptr_array_add (argv, "--output");
+	g_ptr_array_add (argv, "-");            /* output to stdout */
 	
-	argv[i++] = "--encrypt";
+	g_ptr_array_add (argv, "--encrypt");
 	
 	if (sign) {
-		argv[i++] = "--sign";
+		g_ptr_array_add (argv, "--sign");
 		
-		argv[i++] = "--passphrase-fd";
+		g_ptr_array_add (argv, "--passphrase-fd");
 		sprintf (passwd_fd, "%d", passwd_fds[0]);
-		argv[i++] = passwd_fd;
+		g_ptr_array_add (argv, passwd_fd);
 	}
 #elif defined(PGP5_PATH)
 	path = PGP5_PATH;
@@ -500,19 +501,19 @@ mail_crypto_openpgp_encrypt (const char *plaintext,
 		g_ptr_array_add (recipient_list, buf);
 	}
 	
-	argv[i++] = "pgpe";
+	g_ptr_array_add (argv, "pgpe");
 	
 	for (r = 0; r < recipient_list->len; r++)
-		argv[i++] = recipient_list->pdata[r];
+		g_ptr_array_add (argv, recipient_list->pdata[r]);
 	
-	argv[i++] = "-f";
-	argv[i++] = "-z";
-	argv[i++] = "-a";
-	argv[i++] = "-o";
-	argv[i++] = "-";        /* output to stdout */
+	g_ptr_array_add (argv, "-f");
+	g_ptr_array_add (argv, "-z");
+	g_ptr_array_add (argv, "-a");
+	g_ptr_array_add (argv, "-o");
+	g_ptr_array_add (argv, "-");        /* output to stdout */
 	
 	if (sign) {
-		argv[i++] = "-s";
+		g_ptr_array_add (argv, "-s");
 	
 		sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]);
 		putenv (passwd_fd);
@@ -529,27 +530,27 @@ mail_crypto_openpgp_encrypt (const char *plaintext,
 		g_ptr_array_add (recipient_list, buf);
 	}
 	
-	argv[i++] = "pgp";
-	argv[i++] = "-f";
-	argv[i++] = "-e";
-	argv[i++] = "-a";
-	argv[i++] = "-o";
-	argv[i++] = "-";
+	g_ptr_array_add (argv, "pgp");
+	g_ptr_array_add (argv, "-f");
+	g_ptr_array_add (argv, "-e");
+	g_ptr_array_add (argv, "-a");
+	g_ptr_array_add (argv, "-o");
+	g_ptr_array_add (argv, "-");
 	
 	for (r = 0; r < recipient_list->len; r++)
-		argv[i++] = recipient_list->pdata[r];
+		g_ptr_array_add (argv, recipient_list->pdata[r]);
 	
 	if (sign) {
-		argv[i++] = "-s";
+		g_ptr_array_add (argv, "-s");
 		
 		sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]);
 		putenv (passwd_fd);
 	}
 #endif
-	argv[i++] = NULL;
-
-	retval = crypto_exec_with_passwd (path, argv, plaintext, passwd_fds,
-					  passphrase, &ciphertext,
+	g_ptr_array_add (argv, NULL);
+	
+	retval = crypto_exec_with_passwd (path, (char **) argv->pdata, plaintext,
+					  passwd_fds, passphrase, &ciphertext,
 					  &diagnostics);
 	
 	if (retval != 0 || !*ciphertext) {
@@ -565,6 +566,8 @@ mail_crypto_openpgp_encrypt (const char *plaintext,
 		g_ptr_array_free (recipient_list, TRUE);
 	}
 	
+	g_ptr_array_free (argv, TRUE);
+	
 	g_free (diagnostics);
 	
 	return ciphertext;
author	Jeffrey Stedfast <fejj@helixcode.com>	2000-08-28 11:58:49 +0800
committer	Jeffrey Stedfast <fejj@src.gnome.org>	2000-08-28 11:58:49 +0800
commit	08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce (patch)
tree	9002dec0a26014108a87c31ccc6c4640663e72a5 /mail/mail-crypto.c
parent	27084dc009197c71bd4162dc26b9f821ebf4863d (diff)
download	gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.gz gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.bz2 gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.lz gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.xz gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.tar.zst gsoc2013-evolution-08b9e2eeacab3d0d2989fb03d5a2ad0979f2a1ce.zip