lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Lynx 2.8.2pre7 + wrong link segfaults

From: Leonid Pauzner
Subject: Re: lynx-dev Lynx 2.8.2pre7 + wrong link segfaults
Date: Thu, 3 Jun 1999 10:05:57 +0400 (MSD) 
3-Jun-99 09:10 Leonid Pauzner wrote:
> 30-May-99 21:38 address@hidden wrote:
>>>
>>> > > Hi again. 2.8.2pre9 is working fine with this bad link. I just get the
>>> > > Alert. This lynx was compiled with --enable-debug in case I have 
>>> > > problems.
>>> >
>>> > good (I suspected it would, but studying the code I could not see where
>>> > the HTSprintf function would dump core - it certainly did not on my 
>>> > machine).
>>>
>>> One very slight danger I can see in making assumptions is that the core
>>> dump *could* be dependent on having debug disabled.

>> The core dump came from using HTSprintf with a formatting parameter that
>> wasn't - it could, and did contain a % character that had nothing to do
>> with its design (the %7C for "|").  The bug wasn't in HTSprintf, but the
>> function that called it.

see below.

> Sorry, my fault, I thought HTSprintf may live without formating parameter
> so fall back to StrAllocCopy/StrAllocCat, at least HTSprintf0 called this way
> in LYMap.c and LYCookie.c for LYNXIMGMAP: and LYNXCOKIE:,
> other files should also be inspected for the same problem.



> from LYMap:c:
> ^^^^^^^^^^^^^

> #define PUTS(buf)    (*target->isa->put_block)(target, buf, strlen(buf))

>     HTSprintf0(&buf, "<html>\n<head>\n");
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>     PUTS(buf);
...

Oh, I just wrote this but have not realized the problem:
'%' character was invented on us by string's argument
which happen to be URL with hex escaped symbols.
An HTAlert() does not use LYstore_massage(),
it does use LYstore_massage2() with two arguments,
so I am afraid the actual problem somethere else.

BTW, HTAlwaysAlert() does not use LYstrore_message/2
nor I have an idea about this function.


+1999-05-29 (2.8.2pre.9)
+* use StrAllocCopy rather than HTSprintf in LYstore_message() because no
+  formatting is done there; the message may contain formatting controls such as
+  %s (related to bug report by Frederic L W Meunier <address@hidden>) -TD

--- 2.8.2pre.8/src/LYHistory.c  Thu May 20 06:48:10 1999
+++ 2.8.2pre.9/src/LYHistory.c  Sat May 29 21:27:26 1999
@@ -746,29 +746,20 @@
        CONST char *,   message,
        CONST char *,   argument)
 {
-    char *temp = NULL;

-    if (message == NULL)
-       return;
-
-    HTSprintf(&temp, message, (argument == 0) ? "" : argument);
-
-    to_stack(temp);
-
-    return;
+    if (message != NULL) {
+       char *temp = NULL;
+       HTSprintf(&temp, message, (argument == 0) ? "" : argument);
+       to_stack(temp);
+    }
 }
+
 PUBLIC void LYstore_message ARGS1(
        CONST char *,   message)
 {
-    char *temp = NULL;
-
-    if (message == NULL)
-       return;
-
-    HTSprintf(&temp, message);
-
-    to_stack(temp);
-
-    return;
+    if (message != NULL) {
+       char *temp = NULL;
+       StrAllocCopy(temp, message);
+       to_stack(temp);
+    }
 }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]