[PATCH] : clean-ups, buffer overflow paranoia :)



	Hi all,
here is a little patch against 1.2.4 and cvs that does the following

in src/balsa-message.c :
	- in get_font_name : obvious strncpy(res,"*",1) --> *res='*'; 
moreover we are sure here that len>=1 so in the else branch we are sure 
that len=1, it's useless to redo len=1;

in libbalsa/pop3.c :
	- in pop_get_stats : change format string in sscanf to specify max 
length of result. This is necessary to be sure we don't do a buffer 
overflow when we receive a weird answer from pop server.
I've checked the other strcpy calls and I think they are now safe.
Bye
Manu
--- ../balsa-1.2.4/libbalsa/pop3.c	Tue Jan 15 20:48:02 2002
+++ balsa-1.2.4/libbalsa/pop3.c	Thu Jan 24 17:37:54 2002
@@ -341,8 +341,11 @@
 		/* none of uidl or last recognised, fail.. */
 		return POP_COMMAND_ERR;
 	    }
-	    sscanf( buffer + 3, " %d %s", &tmp, uid);
-	    
+	    /* We protect ourselves from a badly formed answer that could
+	       lead us to an overflow */
+	    sscanf( buffer + 3, " %d %79s", &tmp, uid);
+	    uid[79]='\0';/* be sure to have a null-ended string*/
+
 	    if(i == *msgs) {
 		strcpy(last_uid, uid); /* save uid of the last message */
 		if(*prev_last_uid == '\0')
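Review bot: The return value of the new `sscanf` call is still ignored, so a reply with no second field leaves `uid` holding whatever it held before, and that value is then copied by `strcpy(last_uid, uid)` a few lines down. Checking the conversion count would close this, e.g. `if (sscanf(buffer + 3, " %d %79s", &tmp, uid) != 2) return POP_COMMAND_ERR;`. The width 79 and the write to `uid[79]` are only correct if `uid` is declared with at least 80 bytes, which is not visible in this hunk, so the declaration should be checked and kept in sync with the width; the explicit terminator is redundant after a successful `%79s` conversion. The same applies to the identical balsa-cvs hunk at line 352, and the enclosing function starts and ends outside both hunks.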
@@ -614,7 +617,7 @@
 	write (s, "quit\r\n", 6);
 	getLine (s, buffer, sizeof (buffer)); /* snarf the response */
 	if(status == POP_OK)
-	    strcpy(last_uid, uid);/* FIXME: overflow error on hideous reply? */
+	    strcpy(last_uid, uid);
     }
     close (s);
 
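Review bot: Dropping the FIXME on `strcpy(last_uid, uid);` is only justified if `uid` is always NUL-terminated within the size of `last_uid` at this point, and neither buffer's declaration nor the code that fills `uid` on this path is visible in the hunk. The 79-character bound added at line 341 covers that one `sscanf`; if `uid` can be written anywhere else, or `last_uid` is smaller than 80 bytes, the copy is still unbounded. I would replace the FIXME with a comment that states the invariant rather than delete it, e.g. `/* uid is at most 79 chars + NUL; last_uid must be at least 80 bytes */`, or bound the copy by the destination size. The same applies to the balsa-cvs hunk at line 625, and the enclosing function starts outside the hunk.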
--- ../balsa-1.2.4/src/balsa-message.c	Tue Jan 15 20:48:11 2002
+++ balsa-1.2.4/src/balsa-message.c	Thu Jan 24 17:35:07 2002
@@ -1203,7 +1203,7 @@
 
     /* defense against a patologically short base font wildcard implemented
      * in the chunk below
-     * extra space for dwo dashes and '\0' */
+     * extra space for two dashes and '\0' */
     len = ptr - base;
     /* if(dash_cnt>12) len--; */
     if (len < 1)
@@ -1216,10 +1216,8 @@
 
     if (len > 1)
 	strncpy(res, base, len);
-    else {
-	strncpy(res, "*", 1);
-	len = 1;
-    }
+    else
+	*res='*';
 
     res[len] = '-';
     strcpy(res + len + 1, postfix);
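Review bot: With `len = 1;` removed, the `else` branch and the following `res[len] = '-';` rely on `len` being exactly 1 there, which depends on what the `if (len < 1)` branch just above this hunk does; its body is not visible here. If that branch does not force `len` to at least 1 or return, `*res='*'` is immediately overwritten by `res[len] = '-'` for `len == 0`, and a negative `len` indexes before `res`; the old code masked both by resetting `len`. A one-line comment would record the assumption, e.g. `/* len == 1 here: the len < 1 case was handled above */`. `strcpy(res + len + 1, postfix)` also depends on the size of `res`, which is allocated outside the hunk. The identical balsa-cvs hunk at line 1263 has the same dependency.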
--- ../balsa-cvs/balsa/libbalsa/pop3.c	Sun Jan  6 20:41:09 2002
+++ balsa-cvs/balsa/libbalsa/pop3.c	Thu Jan 24 17:43:37 2002
@@ -352,8 +352,11 @@
 		/* none of uidl or last recognised, fail.. */
 		return POP_COMMAND_ERR;
 	    }
-	    sscanf( buffer + 3, " %d %s", &tmp, uid);
-	    
+	    /* We protect ourselves from a badly formed answer that could
+	       lead us to an overflow */
+	    sscanf( buffer + 3, " %d %79s", &tmp, uid);
+	    uid[79]='\0';/* be sure to have a null-ended string*/
+
 	    if(i == *msgs) {
 		strcpy(last_uid, uid); /* save uid of the last message */
 		if(*prev_last_uid == '\0')
@@ -625,7 +628,7 @@
 	write (s, "quit\r\n", 6);
 	getLine (s, buffer, sizeof (buffer)); /* snarf the response */
 	if(status == POP_OK)
-	    strcpy(last_uid, uid);/* FIXME: overflow error on hideous reply? */
+	    strcpy(last_uid, uid);
     }
     close (s);
 
--- ../balsa-cvs/balsa/src/balsa-message.c	Sun Dec 16 10:29:21 2001
+++ balsa-cvs/balsa/src/balsa-message.c	Thu Jan 24 17:44:29 2002
@@ -1250,7 +1250,7 @@
 
     /* defense against a patologically short base font wildcard implemented
      * in the chunk below
-     * extra space for dwo dashes and '\0' */
+     * extra space for two dashes and '\0' */
     len = ptr - base;
     /* if(dash_cnt>12) len--; */
     if (len < 1)
@@ -1263,10 +1263,8 @@
 
     if (len > 1)
 	strncpy(res, base, len);
-    else {
-	strncpy(res, "*", 1);
-	len = 1;
-    }
+    else
+	*res='*';
 
     res[len] = '-';
     strcpy(res + len + 1, postfix);

