[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Lynx 2.8.2pre7 + wrong link segfaults
From: |
Leonid Pauzner |
Subject: |
Re: lynx-dev Lynx 2.8.2pre7 + wrong link segfaults |
Date: |
Thu, 3 Jun 1999 10:05:57 +0400 (MSD) |
3-Jun-99 09:10 Leonid Pauzner wrote:
> 30-May-99 21:38 address@hidden wrote:
>>>
>>> > > Hi again. 2.8.2pre9 is working fine with this bad link. I just get the
>>> > > Alert. This lynx was compiled with --enable-debug in case I have
>>> > > problems.
>>> >
>>> > good (I suspected it would, but studying the code I could not see where
>>> > the HTSprintf function would dump core - it certainly did not on my
>>> > machine).
>>>
>>> One very slight danger I can see in making assumptions is that the core
>>> dump *could* be dependent on having debug disabled.
>> The core dump came from using HTSprintf with a formatting parameter that
>> wasn't - it could, and did contain a % character that had nothing to do
>> with its design (the %7C for "|"). The bug wasn't in HTSprintf, but the
>> function that called it.
see below.
> Sorry, my fault, I thought HTSprintf may live without formating parameter
> so fall back to StrAllocCopy/StrAllocCat, at least HTSprintf0 called this way
> in LYMap.c and LYCookie.c for LYNXIMGMAP: and LYNXCOKIE:,
> other files should also be inspected for the same problem.
> from LYMap:c:
> ^^^^^^^^^^^^^
> #define PUTS(buf) (*target->isa->put_block)(target, buf, strlen(buf))
> HTSprintf0(&buf, "<html>\n<head>\n");
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> PUTS(buf);
...
Oh, I just wrote this but have not realized the problem:
'%' character was invented on us by string's argument
which happen to be URL with hex escaped symbols.
An HTAlert() does not use LYstore_massage(),
it does use LYstore_massage2() with two arguments,
so I am afraid the actual problem somethere else.
BTW, HTAlwaysAlert() does not use LYstrore_message/2
nor I have an idea about this function.
+1999-05-29 (2.8.2pre.9)
+* use StrAllocCopy rather than HTSprintf in LYstore_message() because no
+ formatting is done there; the message may contain formatting controls such as
+ %s (related to bug report by Frederic L W Meunier <address@hidden>) -TD
--- 2.8.2pre.8/src/LYHistory.c Thu May 20 06:48:10 1999
+++ 2.8.2pre.9/src/LYHistory.c Sat May 29 21:27:26 1999
@@ -746,29 +746,20 @@
CONST char *, message,
CONST char *, argument)
{
- char *temp = NULL;
- if (message == NULL)
- return;
-
- HTSprintf(&temp, message, (argument == 0) ? "" : argument);
-
- to_stack(temp);
-
- return;
+ if (message != NULL) {
+ char *temp = NULL;
+ HTSprintf(&temp, message, (argument == 0) ? "" : argument);
+ to_stack(temp);
+ }
}
+
PUBLIC void LYstore_message ARGS1(
CONST char *, message)
{
- char *temp = NULL;
-
- if (message == NULL)
- return;
-
- HTSprintf(&temp, message);
-
- to_stack(temp);
-
- return;
+ if (message != NULL) {
+ char *temp = NULL;
+ StrAllocCopy(temp, message);
+ to_stack(temp);
+ }
}