X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=encode.c;h=b95ada80f2770b42964a3f605e023baac00008ae;hp=07263d833cdf5a69f7e95d31644dac420558daca;hb=ab9215f1fc0fa7ee032246cb84e19ac351e920bb;hpb=17ef7337d1a41e4733c1ec662c3b1191d0c76a8a

diff --git a/encode.c b/encode.c
index 07263d83..b95ada80 100644
--- a/encode.c
+++ b/encode.c
@@ -1,4 +1,4 @@
-const char encode_rcs[] = "$Id: encode.c,v 1.5 2002/03/07 03:46:53 oes Exp $";
+const char encode_rcs[] = "$Id: encode.c,v 1.12 2007/08/04 10:15:51 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/encode.c,v $
@@ -7,7 +7,7 @@ const char encode_rcs[] = "$Id: encode.c,v 1.5 2002/03/07 03:46:53 oes Exp $";
  *                encode cookies and HTML text.
  *
  * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
- *                IJBSWA team.  http://ijbswa.sourceforge.net
+ *                Privoxy team. http://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
  *                by and Copyright (C) 1997 Anonymous Coders and 
@@ -33,6 +33,25 @@ const char encode_rcs[] = "$Id: encode.c,v 1.5 2002/03/07 03:46:53 oes Exp $";
  *
  * Revisions   :
  *    $Log: encode.c,v $
+ *    Revision 1.12  2007/08/04 10:15:51  fabiankeil
+ *    Use strlcpy() instead of strcpy().
+ *
+ *    Revision 1.11  2006/12/28 18:25:53  fabiankeil
+ *    Fixed gcc43 compiler warning.
+ *
+ *    Revision 1.10  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.8  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.7  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.6  2002/03/13 00:27:04  jongfoster
+ *    Killing warnings
+ *
  *    Revision 1.5  2002/03/07 03:46:53  oes
  *    Fixed compiler warnings etc
  *
@@ -60,7 +79,9 @@ const char encode_rcs[] = "$Id: encode.c,v 1.5 2002/03/07 03:46:53 oes Exp $";
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <assert.h>
 
+#include "miscutil.h"
 #include "encode.h"
 
 const char encode_h_rcs[] = ENCODE_H_VERSION;
@@ -176,6 +197,7 @@ static const char * const cookie_code_map[256] = {
 char * html_encode(const char *s)
 {
    char * buf;
+   size_t buf_size;
    
    if (s == NULL)
    {
@@ -183,7 +205,8 @@ char * html_encode(const char *s)
    }
 
    /* each input char can expand to at most 6 chars */
-   buf = (char *) malloc((strlen(s) * 6) + 1);
+   buf_size = (strlen(s) * 6) + 1;
+   buf = (char *) malloc(buf_size);
 
    if (buf)
    {
@@ -194,8 +217,9 @@ char * html_encode(const char *s)
          const char * replace_with = html_code_map[(unsigned char) c];
          if(replace_with != NULL)
          {
-            strcpy(p, replace_with);
-            p += strlen(replace_with);
+            const size_t bytes_written = (size_t)(p - buf);
+            assert(bytes_written < buf_size);
+            p += strlcpy(p, replace_with, buf_size - bytes_written);
          }
          else
          {
@@ -206,6 +230,7 @@ char * html_encode(const char *s)
       *p = '\0';
    }
 
+   assert(strlen(buf) < buf_size);
    return(buf);
 }
 
@@ -263,6 +288,7 @@ char * html_encode_and_free_original(char *s)
 char * cookie_encode(const char *s)
 {
    char * buf;
+   size_t buf_size;
 
    if (s == NULL)
    {
@@ -270,7 +296,8 @@ char * cookie_encode(const char *s)
    }
 
    /* each input char can expand to at most 3 chars */
-   buf = (char *) malloc((strlen(s) * 3) + 1);
+   buf_size = (strlen(s) * 3) + 1;
+   buf = (char *) malloc(buf_size);
 
    if (buf)
    {
@@ -281,8 +308,9 @@ char * cookie_encode(const char *s)
          const char * replace_with = cookie_code_map[(unsigned char) c];
          if (replace_with != NULL)
          {
-            strcpy(p, replace_with);
-            p += strlen(replace_with);
+            const size_t bytes_written = (size_t)(p - buf);
+            assert(bytes_written < buf_size);
+            p += strlcpy(p, replace_with, buf_size - bytes_written);
          }
          else
          {
@@ -293,6 +321,7 @@ char * cookie_encode(const char *s)
       *p = '\0';
    }
 
+   assert(strlen(buf) < buf_size);
    return(buf);
 }
 
@@ -315,6 +344,7 @@ char * cookie_encode(const char *s)
 char * url_encode(const char *s)
 {
    char * buf;
+   size_t buf_size;
 
    if (s == NULL)
    {
@@ -322,7 +352,8 @@ char * url_encode(const char *s)
    }
 
    /* each input char can expand to at most 3 chars */
-   buf = (char *) malloc((strlen(s) * 3) + 1);
+   buf_size = (strlen(s) * 3) + 1;
+   buf = (char *) malloc(buf_size);
 
    if (buf)
    {
@@ -333,8 +364,9 @@ char * url_encode(const char *s)
          const char * replace_with = url_code_map[(unsigned char) c];
          if (replace_with != NULL)
          {
-            strcpy(p, replace_with);
-            p += strlen(replace_with);
+            const size_t bytes_written = (size_t)(p - buf);
+            assert(bytes_written < buf_size);
+            p += strlcpy(p, replace_with, buf_size - bytes_written);
          }
          else
          {
@@ -346,6 +378,7 @@ char * url_encode(const char *s)
 
    }
 
+   assert(strlen(buf) < buf_size);
    return(buf);
 }
 
@@ -396,7 +429,7 @@ static int xdtoi(const int d)
  * Returns     :  The integer value, or 0 for non-hex strings.
  *
  *********************************************************************/
-static int xtoi(const char *s)
+int xtoi(const char *s)
 {
    int d1, d2;
 
@@ -445,7 +478,7 @@ char *url_decode(const char * s)
                break;
 
             case '%':
-               if ((*q = xtoi(s + 1)) != '\0')
+               if ((*q = (char)xtoi(s + 1)) != '\0')
                {
                   s += 3;
                   q++;