Context Navigation

msn_util.c @ d16e951

Last change on this file since d16e951 was 098a75b, checked in by dequis <dx@…>, at 2015-03-22T13:35:08Z

Fix a bunch of memory leaks

irc_im.c:
- bee_irc_user_msg: strdup leaks when otr swallows messages
- bee_irc_user_action_response: GString leak in all ctcp replies
otr.c:
- call g_slist_free() on the list of the otr_policy setting
- otr_filter_msg_in: call otrl_tlv_free() if "tlvs" are returned
- otr_filter_msg_out: don't g_strdup() if the message should be ignored
- log_otr_message: g_strdup_vprintf() leaks always
nogaim.c:
- imcb_ask_auth/imcb_ask_add: leaks in g_strdup_printf()
- imcb_ask_add leaks imcb_ask_cb_data if the user already exists
- add imcb_ask_cb_free() to correctly free its data
msn_util.c: add msn_buddy_ask_free(), ditto
storage_xml.c: pass_cr/password if base64_decode or arc_decode fail
ssl_gnutls.c: conn->hostname leak in error conditions, like invalid certs
jabber_util.c: jabber_buddy_by_ext_jid() leaks jid if it's not an ext jid

Property mode set to 100644

File size: 12.6 KB

Rev	Line
[5ebff60]	1	/********************************************************************\
[b7d3cc34]	2	* BitlBee -- An IRC to other IM-networks gateway *
	3	* *
[79bb7e4]	4	* Copyright 2002-2012 Wilmer van der Gaast and others *
[b7d3cc34]	5	\********************************************************************/
	6
	7	/* MSN module - Miscellaneous utilities */
	8
	9	/*
	10	This program is free software; you can redistribute it and/or modify
	11	it under the terms of the GNU General Public License as published by
	12	the Free Software Foundation; either version 2 of the License, or
	13	(at your option) any later version.
	14
	15	This program is distributed in the hope that it will be useful,
	16	but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	GNU General Public License for more details.
	19
	20	You should have received a copy of the GNU General Public License with
	21	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
[6f10697]	22	if not, write to the Free Software Foundation, Inc., 51 Franklin St.,
	23	Fifth Floor, Boston, MA 02110-1301 USA
[b7d3cc34]	24	*/
	25
	26	#include "nogaim.h"
	27	#include "msn.h"
[21029d0]	28	#include "md5.h"
[193dc74]	29	#include "soap.h"
[b7d3cc34]	30	#include <ctype.h>
	31
[5ebff60]	32	static char adlrml_entry(const char handle_, msn_buddy_flags_t list)
[193dc74]	33	{
[5ebff60]	34	char *domain, handle[strlen(handle_) + 1];
	35
	36	strcpy(handle, handle_);
	37	if ((domain = strchr(handle, '@'))) {
[d97f51b]	38	*(domain++) = '\0';
[5ebff60]	39	} else {
[193dc74]	40	return NULL;
[5ebff60]	41	}
	42
	43	return g_markup_printf_escaped("<ml><d n=\"%s\"><c n=\"%s\" l=\"%d\" t=\"1\"/></d></ml>",
	44	domain, handle, list);
[193dc74]	45	}
	46
[5ebff60]	47	int msn_buddy_list_add(struct im_connection ic, msn_buddy_flags_t list, const char who, const char *realname,
	48	const char *group)
[b7d3cc34]	49	{
[0da65d5]	50	struct msn_data *md = ic->proto_data;
[64768d4]	51	char groupid[8];
[193dc74]	52	bee_user_t *bu;
	53	struct msn_buddy_data *bd;
	54	char *adl;
[5ebff60]	55
[6acc033]	56	*groupid = '\0';
[193dc74]	57	#if 0
[5ebff60]	58	if (group) {
[6acc033]	59	int i;
[5ebff60]	60	for (i = 0; i < md->groupcount; i++) {
	61	if (g_strcasecmp(md->grouplist[i], group) == 0) {
	62	g_snprintf(groupid, sizeof(groupid), " %d", i);
[6acc033]	63	break;
	64	}
[5ebff60]	65	}
	66
	67	if (*groupid == '\0') {
[70ac477]	68	/* Have to create this group, it doesn't exist yet. */
	69	struct msn_groupadd *ga;
	70	GSList *l;
[5ebff60]	71
	72	for (l = md->grpq; l; l = l->next) {
[70ac477]	73	ga = l->data;
[5ebff60]	74	if (g_strcasecmp(ga->group, group) == 0) {
[70ac477]	75	break;
[5ebff60]	76	}
[70ac477]	77	}
[5ebff60]	78
	79	ga = g_new0(struct msn_groupadd, 1);
	80	ga->who = g_strdup(who);
	81	ga->group = g_strdup(group);
	82	md->grpq = g_slist_prepend(md->grpq, ga);
	83
	84	if (l == NULL) {
	85	char groupname[strlen(group) + 1];
	86	strcpy(groupname, group);
	87	http_encode(groupname);
	88	g_snprintf(buf, sizeof(buf), "ADG %d %s %d\r\n", ++md->trId, groupname, 0);
	89	return msn_write(ic, buf, strlen(buf));
	90	} else {
[70ac477]	91	/* This can happen if the user's doing lots of adds to a
	92	new group at once; we're still waiting for the server
	93	to confirm group creation. */
	94	return 1;
	95	}
	96	}
[b7d3cc34]	97	}
[193dc74]	98	#endif
[5ebff60]	99
	100	if (!((bu = bee_user_by_handle(ic->bee, ic, who)) \|\|
	101	(bu = bee_user_new(ic->bee, ic, who, 0))) \|\|
	102	!(bd = bu->data) \|\| bd->flags & list) {
[193dc74]	103	return 1;
[5ebff60]	104	}
	105
[193dc74]	106	bd->flags \|= list;
[5ebff60]	107
	108	if (list == MSN_BUDDY_FL) {
	109	msn_soap_ab_contact_add(ic, bu);
	110	} else {
	111	msn_soap_memlist_edit(ic, who, TRUE, list);
	112	}
	113
	114	if ((adl = adlrml_entry(who, list))) {
	115	int st = msn_ns_write(ic, -1, "ADL %d %zd\r\n%s",
	116	++md->trId, strlen(adl), adl);
	117	g_free(adl);
	118
[64768d4]	119	return st;
[193dc74]	120	}
[5ebff60]	121
[6ddb223]	122	return 1;
[b7d3cc34]	123	}
	124
[5ebff60]	125	int msn_buddy_list_remove(struct im_connection ic, msn_buddy_flags_t list, const char who, const char *group)
[b7d3cc34]	126	{
[0da65d5]	127	struct msn_data *md = ic->proto_data;
[64768d4]	128	char groupid[8];
[193dc74]	129	bee_user_t *bu;
	130	struct msn_buddy_data *bd;
	131	char *adl;
[5ebff60]	132
[8b01217]	133	*groupid = '\0';
[193dc74]	134	#if 0
[5ebff60]	135	if (group) {
[8b01217]	136	int i;
[5ebff60]	137	for (i = 0; i < md->groupcount; i++) {
	138	if (g_strcasecmp(md->grouplist[i], group) == 0) {
	139	g_snprintf(groupid, sizeof(groupid), " %d", i);
[8b01217]	140	break;
	141	}
[5ebff60]	142	}
[8b01217]	143	}
[193dc74]	144	#endif
[5ebff60]	145
	146	if (!(bu = bee_user_by_handle(ic->bee, ic, who)) \|\|
	147	!(bd = bu->data) \|\| !(bd->flags & list)) {
[193dc74]	148	return 1;
[5ebff60]	149	}
	150
[193dc74]	151	bd->flags &= ~list;
[5ebff60]	152
	153	if (list == MSN_BUDDY_FL) {
	154	msn_soap_ab_contact_del(ic, bu);
	155	} else {
	156	msn_soap_memlist_edit(ic, who, FALSE, list);
	157	}
	158
	159	if ((adl = adlrml_entry(who, list))) {
	160	int st = msn_ns_write(ic, -1, "RML %d %zd\r\n%s",
	161	++md->trId, strlen(adl), adl);
	162	g_free(adl);
	163
[64768d4]	164	return st;
[193dc74]	165	}
[5ebff60]	166
[6ddb223]	167	return 1;
[b7d3cc34]	168	}
	169
[5ebff60]	170	struct msn_buddy_ask_data {
[0da65d5]	171	struct im_connection *ic;
[b7d3cc34]	172	char *handle;
	173	char *realname;
	174	};
	175
[098a75b]	176	static void msn_buddy_ask_free(void *data)
	177	{
	178	struct msn_buddy_ask_data *bla = data;
	179
	180	g_free(bla->handle);
	181	g_free(bla->realname);
	182	g_free(bla);
	183	}
	184
[5ebff60]	185	static void msn_buddy_ask_yes(void *data)
[b7d3cc34]	186	{
[9143aeb]	187	struct msn_buddy_ask_data *bla = data;
[5ebff60]	188
	189	msn_buddy_list_add(bla->ic, MSN_BUDDY_AL, bla->handle, bla->realname, NULL);
	190
	191	imcb_ask_add(bla->ic, bla->handle, NULL);
	192
[098a75b]	193	msn_buddy_ask_free(bla);
[b7d3cc34]	194	}
	195
[5ebff60]	196	static void msn_buddy_ask_no(void *data)
[b7d3cc34]	197	{
[9143aeb]	198	struct msn_buddy_ask_data *bla = data;
[5ebff60]	199
	200	msn_buddy_list_add(bla->ic, MSN_BUDDY_BL, bla->handle, bla->realname, NULL);
	201
[098a75b]	202	msn_buddy_ask_free(bla);
[b7d3cc34]	203	}
	204
[5ebff60]	205	void msn_buddy_ask(bee_user_t *bu)
[b7d3cc34]	206	{
[e5854a8]	207	struct msn_buddy_ask_data *bla;
	208	struct msn_buddy_data *bd = bu->data;
[b7d3cc34]	209	char buf[1024];
[5ebff60]	210
	211	if (!(bd->flags & MSN_BUDDY_PL)) {
[e5854a8]	212	return;
[5ebff60]	213	}
	214
	215	bla = g_new0(struct msn_buddy_ask_data, 1);
[e5854a8]	216	bla->ic = bu->ic;
[5ebff60]	217	bla->handle = g_strdup(bu->handle);
	218	bla->realname = g_strdup(bu->fullname);
	219
	220	g_snprintf(buf, sizeof(buf),
	221	"The user %s (%s) wants to add you to his/her buddy list.",
	222	bu->handle, bu->fullname);
[098a75b]	223
	224	imcb_ask_with_free(bu->ic, buf, bla, msn_buddy_ask_yes, msn_buddy_ask_no, msn_buddy_ask_free);
[b7d3cc34]	225	}
	226
	227	/* NOT thread-safe, but that's not a problem for now... */
[5ebff60]	228	char *msn_linesplit(char line)
[b7d3cc34]	229	{
	230	static char **ret = NULL;
	231	static int size = 3;
	232	int i, n = 0;
[5ebff60]	233
	234	if (ret == NULL) {
	235	ret = g_new0(char*, size);
	236	}
	237
	238	for (i = 0; line[i] && line[i] == ' '; i++) {
	239	;
	240	}
	241	if (line[i]) {
[b7d3cc34]	242	ret[n++] = line + i;
[5ebff60]	243	for (i++; line[i]; i++) {
	244	if (line[i] == ' ') {
[b7d3cc34]	245	line[i] = 0;
[5ebff60]	246	} else if (line[i] != ' ' && !line[i - 1]) {
[b7d3cc34]	247	ret[n++] = line + i;
[5ebff60]	248	}
	249
	250	if (n >= size) {
	251	ret = g_renew(char*, ret, size += 2);
	252	}
[b7d3cc34]	253	}
	254	}
	255	ret[n] = NULL;
[5ebff60]	256
	257	return(ret);
[b7d3cc34]	258	}
	259
	260	/* This one handles input from a MSN Messenger server. Both the NS and SB servers usually give
	261	commands, but sometimes they give additional data (payload). This function tries to handle
	262	this all in a nice way and send all data to the right places. */
	263
	264	/* Return values: -1: Read error, abort connection.
	265	0: Command reported error; Abort immediately. (The connection does not exist anymore)
	266	1: OK */
	267
[5ebff60]	268	int msn_handler(struct msn_handler_data *h)
[b7d3cc34]	269	{
	270	int st;
[5ebff60]	271
	272	h->rxq = g_renew(char, h->rxq, h->rxlen + 1024);
	273	st = read(h->fd, h->rxq + h->rxlen, 1024);
[b7d3cc34]	274	h->rxlen += st;
[5ebff60]	275
	276	if (st <= 0) {
	277	return(-1);
	278	}
	279
	280	if (getenv("BITLBEE_DEBUG")) {
	281	write(2, "->C:", 4);
	282	write(2, h->rxq + h->rxlen - st, st);
[523fb23]	283	}
[5ebff60]	284
	285	while (st) {
[b7d3cc34]	286	int i;
[5ebff60]	287
	288	if (h->msglen == 0) {
	289	for (i = 0; i < h->rxlen; i++) {
	290	if (h->rxq[i] == '\r' \|\| h->rxq[i] == '\n') {
[b7d3cc34]	291	char cmd_text, *cmd;
	292	int count;
[5ebff60]	293
	294	cmd_text = g_strndup(h->rxq, i);
	295	cmd = msn_linesplit(cmd_text);
	296	for (count = 0; cmd[count]; count++) {
	297	;
	298	}
	299	st = h->exec_command(h, cmd, count);
	300	g_free(cmd_text);
	301
[b7d3cc34]	302	/* If the connection broke, don't continue. We don't even exist anymore. */
[5ebff60]	303	if (!st) {
	304	return(0);
	305	}
	306
	307	if (h->msglen) {
	308	h->cmd_text = g_strndup(h->rxq, i);
	309	}
	310
[b7d3cc34]	311	/* Skip to the next non-emptyline */
[5ebff60]	312	while (i < h->rxlen && (h->rxq[i] == '\r' \|\| h->rxq[i] == '\n')) {
	313	i++;
	314	}
	315
[b7d3cc34]	316	break;
	317	}
	318	}
[5ebff60]	319
[b7d3cc34]	320	/* If we reached the end of the buffer, there's still an incomplete command there.
	321	Return and wait for more data. */
[5ebff60]	322	if (i == h->rxlen && h->rxq[i - 1] != '\r' && h->rxq[i - 1] != '\n') {
[b7d3cc34]	323	break;
[5ebff60]	324	}
	325	} else {
[b7d3cc34]	326	char msg, *cmd;
	327	int count;
[5ebff60]	328
[b7d3cc34]	329	/* Do we have the complete message already? */
[5ebff60]	330	if (h->msglen > h->rxlen) {
[b7d3cc34]	331	break;
[5ebff60]	332	}
	333
	334	msg = g_strndup(h->rxq, h->msglen);
	335	cmd = msn_linesplit(h->cmd_text);
	336	for (count = 0; cmd[count]; count++) {
	337	;
	338	}
	339
	340	st = h->exec_message(h, msg, h->msglen, cmd, count);
	341	g_free(msg);
	342	g_free(h->cmd_text);
[b7d3cc34]	343	h->cmd_text = NULL;
[5ebff60]	344
	345	if (!st) {
	346	return(0);
	347	}
	348
[b7d3cc34]	349	i = h->msglen;
	350	h->msglen = 0;
	351	}
[5ebff60]	352
[b7d3cc34]	353	/* More data after this block? */
[5ebff60]	354	if (i < h->rxlen) {
[b7d3cc34]	355	char *tmp;
[5ebff60]	356
	357	tmp = g_memdup(h->rxq + i, h->rxlen - i);
	358	g_free(h->rxq);
[b7d3cc34]	359	h->rxq = tmp;
	360	h->rxlen -= i;
	361	i = 0;
[5ebff60]	362	} else {
	363	/* If not, reset the rx queue and get lost. */
	364	g_free(h->rxq);
	365	h->rxq = g_new0(char, 1);
[b7d3cc34]	366	h->rxlen = 0;
[5ebff60]	367	return(1);
[b7d3cc34]	368	}
	369	}
[5ebff60]	370
	371	return(1);
[b7d3cc34]	372	}
[54794b8]	373
[5ebff60]	374	void msn_msgq_purge(struct im_connection ic, GSList *list)
[46dca11]	375	{
	376	struct msn_message *m;
	377	GString *ret;
	378	GSList *l;
[4255320]	379	int n = 0;
[5ebff60]	380
[46dca11]	381	l = *list;
[5ebff60]	382	if (l == NULL) {
[46dca11]	383	return;
[5ebff60]	384	}
	385
[46dca11]	386	m = l->data;
[5ebff60]	387	ret = g_string_sized_new(1024);
	388	g_string_printf(ret, "Warning: Cleaning up MSN (switchboard) connection with unsent "
	389	"messages to %s:", m->who ? m->who : "unknown recipient");
	390
	391	while (l) {
[46dca11]	392	m = l->data;
[5ebff60]	393
	394	if (strncmp(m->text, "\r\r\r", 3) != 0) {
	395	g_string_append_printf(ret, "\n%s", m->text);
	396	n++;
[4255320]	397	}
[5ebff60]	398
	399	g_free(m->who);
	400	g_free(m->text);
	401	g_free(m);
	402
[46dca11]	403	l = l->next;
	404	}
[5ebff60]	405	g_slist_free(*list);
[46dca11]	406	*list = NULL;
[5ebff60]	407
	408	if (n > 0) {
	409	imcb_log(ic, "%s", ret->str);
	410	}
	411	g_string_free(ret, TRUE);
[46dca11]	412	}
[e3413cc]	413
[21029d0]	414	/* Copied and heavily modified from http://tmsnc.sourceforge.net/chl.c */
[5ebff60]	415	char msn_p11_challenge(char challenge)
[21029d0]	416	{
	417	char *output, buf[256];
	418	md5_state_t md5c;
	419	unsigned char md5Hash[16], *newHash;
	420	unsigned int md5Parts, chlStringParts, newHashParts[5];
	421	long long nHigh = 0, nLow = 0;
	422	int i, n;
	423
	424	/* Create the MD5 hash */
	425	md5_init(&md5c);
[5ebff60]	426	md5_append(&md5c, (unsigned char *) challenge, strlen(challenge));
	427	md5_append(&md5c, (unsigned char *) MSNP11_PROD_KEY, strlen(MSNP11_PROD_KEY));
[21029d0]	428	md5_finish(&md5c, md5Hash);
	429
	430	/* Split it into four integers */
[5ebff60]	431	md5Parts = (unsigned int *) md5Hash;
	432	for (i = 0; i < 4; i++) {
[523fb23]	433	md5Parts[i] = GUINT32_TO_LE(md5Parts[i]);
[5ebff60]	434
[21029d0]	435	/* & each integer with 0x7FFFFFFF */
	436	/* and save one unmodified array for later */
	437	newHashParts[i] = md5Parts[i];
	438	md5Parts[i] &= 0x7FFFFFFF;
	439	}
[5ebff60]	440
[21029d0]	441	/* make a new string and pad with '0' */
[5ebff60]	442	n = g_snprintf(buf, sizeof(buf) - 5, "%s%s00000000", challenge, MSNP11_PROD_ID);
[21029d0]	443	/* truncate at an 8-byte boundary */
[5ebff60]	444	buf[n &= ~7] = '\0';
	445
[21029d0]	446	/* split into integers */
[5ebff60]	447	chlStringParts = (unsigned int *) buf;
	448
[21029d0]	449	/* this is magic */
[5ebff60]	450	for (i = 0; i < (n / 4) - 1; i += 2) {
[21029d0]	451	long long temp;
	452
[523fb23]	453	chlStringParts[i] = GUINT32_TO_LE(chlStringParts[i]);
[5ebff60]	454	chlStringParts[i + 1] = GUINT32_TO_LE(chlStringParts[i + 1]);
[21029d0]	455
[5ebff60]	456	temp =
	457	(md5Parts[0] *
	458	(((0x0E79A9C1 *
	459	(long long) chlStringParts[i]) % 0x7FFFFFFF) + nHigh) + md5Parts[1]) % 0x7FFFFFFF;
	460	nHigh =
	461	(md5Parts[2] *
	462	(((long long) chlStringParts[i + 1] + temp) % 0x7FFFFFFF) + md5Parts[3]) % 0x7FFFFFFF;
[21029d0]	463	nLow = nLow + nHigh + temp;
	464	}
[5ebff60]	465	nHigh = (nHigh + md5Parts[1]) % 0x7FFFFFFF;
	466	nLow = (nLow + md5Parts[3]) % 0x7FFFFFFF;
	467
[21029d0]	468	newHashParts[0] ^= nHigh;
	469	newHashParts[1] ^= nLow;
	470	newHashParts[2] ^= nHigh;
	471	newHashParts[3] ^= nLow;
[5ebff60]	472
[21029d0]	473	/* swap more bytes if big endian */
[5ebff60]	474	for (i = 0; i < 4; i++) {
	475	newHashParts[i] = GUINT32_TO_LE(newHashParts[i]);
	476	}
	477
[21029d0]	478	/* make a string of the parts */
[5ebff60]	479	newHash = (unsigned char *) newHashParts;
	480
[21029d0]	481	/* convert to hexadecimal */
	482	output = g_new(char, 33);
[5ebff60]	483	for (i = 0; i < 16; i++) {
[21029d0]	484	sprintf(output + i * 2, "%02x", newHash[i]);
[5ebff60]	485	}
	486
[21029d0]	487	return output;
	488	}
[ca7de3a]	489
[5ebff60]	490	gint msn_domaintree_cmp(gconstpointer a_, gconstpointer b_)
[ca7de3a]	491	{
	492	const char a = a_, b = b_;
	493	gint ret;
[5ebff60]	494
	495	if (!(a = strchr(a, '@')) \|\| !(b = strchr(b, '@')) \|\|
	496	(ret = strcmp(a, b)) == 0) {
	497	ret = strcmp(a_, b_);
	498	}
	499
[ca7de3a]	500	return ret;
	501	}
[ff27648]	502
[5ebff60]	503	struct msn_group msn_group_by_name(struct im_connection ic, const char *name)
[ff27648]	504	{
	505	struct msn_data *md = ic->proto_data;
	506	GSList *l;
[5ebff60]	507
	508	for (l = md->groups; l; l = l->next) {
[ff27648]	509	struct msn_group *mg = l->data;
[5ebff60]	510
	511	if (g_strcasecmp(mg->name, name) == 0) {
[ff27648]	512	return mg;
[5ebff60]	513	}
[ff27648]	514	}
[5ebff60]	515
[ff27648]	516	return NULL;
	517	}
	518
[5ebff60]	519	struct msn_group msn_group_by_id(struct im_connection ic, const char *id)
[ff27648]	520	{
	521	struct msn_data *md = ic->proto_data;
	522	GSList *l;
[5ebff60]	523
	524	for (l = md->groups; l; l = l->next) {
[ff27648]	525	struct msn_group *mg = l->data;
[5ebff60]	526
	527	if (g_strcasecmp(mg->id, id) == 0) {
[ff27648]	528	return mg;
[5ebff60]	529	}
[ff27648]	530	}
[5ebff60]	531
[ff27648]	532	return NULL;
	533	}
[e0e1546]	534
[5ebff60]	535	int msn_ns_set_display_name(struct im_connection ic, const char value)
[e0e1546]	536	{
	537	struct msn_data *md = ic->proto_data;
[5ebff60]	538	char fn[strlen(value) * 3 + 1];
	539
	540	strcpy(fn, value);
	541	http_encode(fn);
	542
[e0e1546]	543	/* Note: We don't actually know if the server accepted the new name,
	544	and won't give proper feedback yet if it doesn't. */
[5ebff60]	545	return msn_ns_write(ic, -1, "PRP %d MFN %s\r\n", ++md->trId, fn);
[e0e1546]	546	}
[79bb7e4]	547
[5ebff60]	548	const char msn_normalize_handle(const char handle)
[79bb7e4]	549	{
[5ebff60]	550	if (strncmp(handle, "1:", 2) == 0) {
[79bb7e4]	551	return handle + 2;
[5ebff60]	552	} else {
[79bb7e4]	553	return handle;
[5ebff60]	554	}
[79bb7e4]	555	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: protocols/msn/msn_util.c @ d16e951

Download in other formats: