lynx/patches/lynx-2.8.5rel.3.patch

# ------------------------------------------------------------------------------
# CHANGES                             |    5 ++
# WWW/Library/Implementation/HTMIME.c |   82 +++++++++++++++++++--------------
# WWW/Library/Implementation/HTMIME.h |   12 ----
# WWW/Library/Implementation/HTNews.c |   83 +++++++++-------------------------
# configure                           |    2 
# configure.in                        |    4 -
# lynx.cfg                            |    4 -
# userdefs.h                          |    4 -
# 8 files changed, 84 insertions(+), 112 deletions(-)
# ------------------------------------------------------------------------------
Index: CHANGES
--- 2.8.5rel.2/CHANGES	Thu Apr 22 16:08:10 2004
+++ 2.8.5rel.3/CHANGES	Mon Oct 17 13:47:09 2005
@@ -1,6 +1,11 @@
 Changes since Lynx 2.8 release
 ===============================================================================
 
+2004-10-17 (2.8.5rel.3 fixes from 2.8.6dev.14)
+* eliminate fixed-size buffers in LYExpandHostForURL() to guard against
+  buffer overflow resulting from too-long domain prefix/suffix data from
+  lynx.cfg (report by Ulf Harnhammar, CAN-2005-3120) -TD
+
 2004-04-22 (2.8.5rel.2 fixes from 2.8.6dev.1)
 * correct ifdef in LYgetattrs() to ensure that getattrs() is used only if the
   configure script actually found it (report/patch by Paul Gilmartin).
Index: WWW/Library/Implementation/HTMIME.c
Prereq:  0.2 
--- 2.8.5rel.2/WWW/Library/Implementation/HTMIME.c	Wed Jan  7 18:03:09 2004
+++ 2.8.5rel.3/WWW/Library/Implementation/HTMIME.c	Mon Oct 17 13:47:09 2005
@@ -2062,27 +2062,23 @@
 **
 **	Written by S. Ichikawa,
 **	partially inspired by encdec.c of <jh@efd.lth.se>.
-**	Assume caller's buffer is LINE_LENGTH bytes, these decode to
-**	no longer than the input strings.
 */
-#define LINE_LENGTH 512		/* Maximum length of line of ARTICLE etc */
-#ifdef ESC
-#undef ESC
-#endif /* ESC */
 #include <LYCharVals.h>  /* S/390 -- gil -- 0163 */
-#define ESC	CH_ESC
 
 PRIVATE char HTmm64[] =
     "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" ;
 PRIVATE char HTmmquote[] = "0123456789ABCDEF";
 PRIVATE int HTmmcont = 0;
 
-PUBLIC void HTmmdec_base64 ARGS2(
-	char *,		t,
+PRIVATE void HTmmdec_base64 ARGS2(
+	char **,	t,
 	char *,		s)
 {
     int   d, count, j, val;
-    char  buf[LINE_LENGTH], *bp, nw[4], *p;
+    char *buf, *bp, nw[4], *p;
+
+    if ((buf = malloc(strlen(s) * 3 + 1)) == 0)
+	outofmem(__FILE__, "HTmmdec_base64");
 
     for (bp = buf; *s; s += 4) {
 	val = 0;
@@ -2113,14 +2109,18 @@
 	    *bp++ = nw[2];
     }
     *bp = '\0';
-    strcpy(t, buf);
+    StrAllocCopy(*t, buf);
+    FREE(buf);
 }
 
-PUBLIC void HTmmdec_quote ARGS2(
-	char *,		t,
+PRIVATE void HTmmdec_quote ARGS2(
+	char **,	t,
 	char *,		s)
 {
-    char  buf[LINE_LENGTH], cval, *bp, *p;
+    char *buf, cval, *bp, *p;
+
+    if ((buf = malloc(strlen(s) + 1)) == 0)
+	outofmem(__FILE__, "HTmmdec_quote");
 
     for (bp = buf; *s; ) {
 	if (*s == '=') {
@@ -2147,23 +2147,27 @@
 	}
     }
     *bp = '\0';
-    strcpy(t, buf);
+    StrAllocCopy(*t, buf);
+    FREE(buf);
 }
 
 /*
 **	HTmmdecode for ISO-2022-JP - FM
 */
 PUBLIC void HTmmdecode ARGS2(
-	char *,		trg,
+	char **,	trg,
 	char *,		str)
 {
-    char buf[LINE_LENGTH], mmbuf[LINE_LENGTH];
+    char *buf;
+    char *mmbuf = NULL;
+    char *m2buf = NULL;
     char *s, *t, *u;
     int  base64, quote;
 
-    buf[0] = '\0';
-
-    for (s = str, u = buf; *s; ) {
+    if ((buf = malloc(strlen(str) + 1)) == 0)
+	outofmem(__FILE__, "HTmmdecode");
+  
+    for (s = str, u = buf; *s;) {
 	if (!strncasecomp(s, "=?ISO-2022-JP?B?", 16)) {
 	    base64 = 1;
 	} else {
@@ -2181,11 +2185,14 @@
 			u--;
 		}
 	    }
+	    if (mmbuf == 0)	/* allocate buffer big enough for source */
+		StrAllocCopy(mmbuf, str);
 	    for (s += 16, t = mmbuf; *s; ) {
 		if (s[0] == '?' && s[1] == '=') {
 		    break;
 		} else {
 		    *t++ = *s++;
+		    *t = '\0';
 		}
 	    }
 	    if (s[0] != '?' || s[1] != '=') {
@@ -2195,14 +2202,12 @@
 		*t = '\0';
 	    }
 	    if (base64)
-		HTmmdec_base64(mmbuf, mmbuf);
+		HTmmdec_base64(&m2buf, mmbuf);
 	    if (quote)
-		HTmmdec_quote(mmbuf, mmbuf);
-	    for (t = mmbuf; *t; )
+		HTmmdec_quote(&m2buf, mmbuf);
+	    for (t = m2buf; *t; )
 		*u++ = *t++;
 	    HTmmcont = 1;
-	    /* if (*s == ' ' || *s == '\t') *u++ = *s; */
-	    /* for ( ; *s == ' ' || *s == '\t'; s++) ; */
 	} else {
 	    if (*s != ' ' && *s != '\t')
 		HTmmcont = 0;
@@ -2211,7 +2216,10 @@
     }
     *u = '\0';
 end:
-    strcpy(trg, buf);
+    StrAllocCopy(*t, buf);
+    FREE(m2buf);
+    FREE(mmbuf);
+    FREE(buf);
 }
 
 /*
@@ -2219,22 +2227,27 @@
 **  (The author of this function "rjis" is S. Ichikawa.)
 */
 PUBLIC int HTrjis ARGS2(
-	char *,		t,
+	char **,	t,
 	char *,		s)
 {
-    char *p, buf[LINE_LENGTH];
+    char *p;
+    char *buf = NULL;
     int kanji = 0;
 
-    if (strchr(s, ESC) || !strchr(s, '$')) {
-	if (s != t)
-	    strcpy(t, s);
+    if (strchr(s, CH_ESC) || !strchr(s, '$')) {
+	if (s != *t)
+	    StrAllocCopy(*t, s);
 	return 1;
     }
+
+    if ((buf = malloc(strlen(s) * 2 + 1)) == 0)
+	outofmem(__FILE__, "HTrjis");
+
     for (p = buf; *s; ) {
 	if (!kanji && s[0] == '$' && (s[1] == '@' || s[1] == 'B')) {
 	    if (HTmaybekanji((int)s[2], (int)s[3])) {
 		kanji = 1;
-		*p++ = ESC;
+		*p++ = CH_ESC;
 		*p++ = *s++;
 		*p++ = *s++;
 		*p++ = *s++;
@@ -2246,7 +2259,7 @@
 	}
 	if (kanji && s[0] == '(' && (s[1] == 'J' || s[1] == 'B')) {
 	    kanji = 0;
-	    *p++ = ESC;
+	    *p++ = CH_ESC;
 	    *p++ = *s++;
 	    *p++ = *s++;
 	    continue;
@@ -2255,7 +2268,8 @@
     }
     *p = *s;	/* terminate string */
 
-    strcpy(t, buf);
+    StrAllocCopy(*t, buf);
+    FREE(buf);
     return 0;
 }
 
Index: WWW/Library/Implementation/HTMIME.h
--- 2.8.5rel.2/WWW/Library/Implementation/HTMIME.h	Wed Jan 22 01:43:13 2003
+++ 2.8.5rel.3/WWW/Library/Implementation/HTMIME.h	Mon Oct 17 13:47:09 2005
@@ -67,20 +67,12 @@
   For handling Japanese headers.
 
 */
-extern void HTmmdec_base64 PARAMS((
-	char *	t,
-	char *	s));
-
-extern void HTmmdec_quote PARAMS((
-	char *	t,
-	char *	s));
-
 extern void HTmmdecode PARAMS((
-	char *	trg,
+	char **	trg,
 	char *	str));
 
 extern int HTrjis PARAMS((
-	char *	t,
+	char **	t,
 	char *	s));
 
 extern int HTmaybekanji PARAMS((
Index: WWW/Library/Implementation/HTNews.c
--- 2.8.5rel.2/WWW/Library/Implementation/HTNews.c	Wed Jan  7 18:03:09 2004
+++ 2.8.5rel.3/WWW/Library/Implementation/HTNews.c	Mon Oct 17 13:47:09 2005
@@ -940,7 +940,6 @@
     }
 }
 
-#ifdef SH_EX	/* for MIME */
 #ifdef NEWS_DEBUG
 /* for DEBUG 1997/11/07 (Fri) 17:20:16 */
 void debug_print(unsigned char *p)
@@ -962,45 +961,15 @@
 }
 #endif
 
-static char *decode_mime(char *str)
+static char *decode_mime(char **str)
 {
-    char temp[LINE_LENGTH];	/* FIXME: what determines the actual size? */
-    char *p, *q;
-
-    if (str == NULL)
-	return "";
-
+#ifdef SH_EX
     if (HTCJK != JAPANESE)
-	return str;
-
-    LYstrncpy(temp, str, sizeof(temp) - 1);
-    q = temp;
-    while ((p = strchr(q, '=')) != 0) {
-	if (p[1] == '?') {
-	    HTmmdecode(p, p);
-	    q = p + 2;
-	} else {
-	    q = p + 1;
-	}
-    }
-#ifdef NEWS_DEBUG
-    printf("new=[");
-    debug_print(temp);
+	return *str;
 #endif
-    HTrjis(temp, temp);
-    strcpy(str, temp);
-
-    return str;
-}
-#else /* !SH_EX */
-static char *decode_mime ARGS1(char *, str)
-{
-    HTmmdecode(str, str);
-    HTrjis(str, str);
-    return str;
+    HTmmdecode(str, *str);
+    return HTrjis(str, *str) ? *str : "";
 }
-#endif
-
 
 /*	Read in an Article					read_article
 **	------------------
@@ -1087,22 +1056,22 @@
 
 		} else if (match(full_line, "SUBJECT:")) {
 		    StrAllocCopy(subject, HTStrip(strchr(full_line,':')+1));
-		    decode_mime(subject);
+		    decode_mime(&subject);
 		} else if (match(full_line, "DATE:")) {
 		    StrAllocCopy(date, HTStrip(strchr(full_line,':')+1));
 
 		} else if (match(full_line, "ORGANIZATION:")) {
 		    StrAllocCopy(organization,
 				 HTStrip(strchr(full_line,':')+1));
-		    decode_mime(organization);
+		    decode_mime(&organization);
 
 		} else if (match(full_line, "FROM:")) {
 		    StrAllocCopy(from, HTStrip(strchr(full_line,':')+1));
-		    decode_mime(from);
+		    decode_mime(&from);
 
 		} else if (match(full_line, "REPLY-TO:")) {
 		    StrAllocCopy(replyto, HTStrip(strchr(full_line,':')+1));
-		    decode_mime(replyto);
+		    decode_mime(&replyto);
 
 		} else if (match(full_line, "NEWSGROUPS:")) {
 		    StrAllocCopy(newsgroups, HTStrip(strchr(full_line,':')+1));
@@ -1711,8 +1680,8 @@
 	int,		last_required)
 {
     char line[LINE_LENGTH+1];
-    char author[LINE_LENGTH+1];
-    char subject[LINE_LENGTH+1];
+    char *author = NULL;
+    char *subject = NULL;
     char *date = NULL;
     int i;
     char *p;
@@ -1725,7 +1694,6 @@
     int status, count, first, last;	/* Response fields */
 					/* count is only an upper limit */
 
-    author[0] = '\0';
     START(HTML_HEAD);
     PUTC('\n');
     START(HTML_TITLE);
@@ -1946,8 +1914,8 @@
 			case 'S':
 			case 's':
 			    if (match(line, "SUBJECT:")) {
-				LYstrncpy(subject, line+9, sizeof(subject)-1);/* Save subject */
-				decode_mime(subject);
+				StrAllocCopy(subject, line + 9);
+				decode_mime(&subject);
 			    }
 			    break;
 
@@ -1964,10 +1932,8 @@
 			case 'F':
 			    if (match(line, "FROM:")) {
 				char * p2;
-				LYstrncpy(author,
-					author_name(strchr(line,':')+1),
-					sizeof(author)-1);
-				decode_mime(author);
+				StrAllocCopy(author, strchr(line, ':') + 1);
+				decode_mime(&author);
 				p2 = author + strlen(author) - 1;
 				if (*p2==LF)
 				    *p2 = '\0'; /* Chop off newline */
@@ -1988,11 +1954,8 @@
 
 		PUTC('\n');
 		START(HTML_LI);
-#ifdef SH_EX	/* for MIME */
-		HTSprintf0(&temp, "\"%s\"", decode_mime(subject));
-#else
-		HTSprintf0(&temp, "\"%s\"", subject);
-#endif
+		p = decode_mime(&subject);
+		HTSprintf0(&temp, "\"%s\"", NonNull(p));
 		if (reference) {
 		    write_anchor(temp, reference);
 		    FREE(reference);
@@ -2001,18 +1964,14 @@
 		}
 		FREE(temp);
 
-		if (author[0] != '\0') {
+		if (author != NULL) {
 		     PUTS(" - ");
 		     if (LYListNewsDates)
 			 START(HTML_I);
-#ifdef SH_EX	/* for MIME */
-		     PUTS(decode_mime(author));
-#else
-		     PUTS(author);
-#endif
+		    PUTS(decode_mime(&author));
 		     if (LYListNewsDates)
 			 END(HTML_I);
-		     author[0] = '\0';
+		    FREE(author);
 		}
 		if (date) {
 		    if (!diagnostic) {
@@ -2055,6 +2014,8 @@
 		MAYBE_END(HTML_LI);
 	    } /* Handle response to HEAD request */
 	} /* Loop over article */
+	FREE(author);
+	FREE(subject);
     } /* If read headers */
     PUTC('\n');
     if (LYListNewsNumbers)
Index: configure
--- 2.8.5rel.2/configure	Wed Feb  4 04:07:09 2004
+++ 2.8.5rel.3/configure	Wed Feb  4 04:07:09 2004
@@ -723,7 +723,7 @@
 
 PACKAGE=lynx
 # $Format: "VERSION=$ProjectVersion$"$
-VERSION=2.8.5rel.2
+VERSION=2.8.5rel.3
 
 
 
Index: configure.in
--- 2.8.5rel.2/configure.in	Wed Feb  4 04:07:09 2004
+++ 2.8.5rel.3/configure.in	Wed Feb  4 04:07:09 2004
@@ -5,7 +5,7 @@
 dnl
 dnl ask PRCS to plug-in the project-version for the configure-script.
 dnl $Format: "AC_REVISION($ProjectVersion$)"$
-AC_REVISION(2.8.5rel.2)
+AC_REVISION(2.8.5rel.3)
 
 # Save the original $CFLAGS so we can distinguish whether the user set those
 # in the environment, or whether autoconf added -O and -g options:
@@ -33,7 +33,7 @@
 PACKAGE=lynx
 dnl ask PRCS to plug-in the project-version for the packages.
 # $Format: "VERSION=$ProjectVersion$"$
-VERSION=2.8.5rel.2
+VERSION=2.8.5rel.3
 AC_SUBST(PACKAGE)
 AC_SUBST(VERSION)
 AC_SUBST(DESTDIR)
Index: lynx.cfg
--- 2.8.5rel.2/lynx.cfg	Wed Jan 28 11:30:38 2004
+++ 2.8.5rel.3/lynx.cfg	Wed Jan 28 11:30:38 2004
@@ -3,10 +3,10 @@
 #                                     or Lynx_Dir:lynx.cfg (VMS)
 #
 # $Format: "#PRCS LYNX_VERSION \"$ProjectVersion$\""$
-#PRCS LYNX_VERSION "2.8.5rel.2"
+#PRCS LYNX_VERSION "2.8.5rel.3"
 #
 # $Format: "#PRCS LYNX_DATE \"$ProjectDate$\""$
-#PRCS LYNX_DATE "Thu, 22 Apr 2004 16:08:10 -0700"
+#PRCS LYNX_DATE "Mon, 17 Oct 2005 13:47:09 -0700"
 #
 # Definition pairs are of the form  VARIABLE:DEFINITION
 # NO spaces are allowed between the pair items.
Index: userdefs.h
--- 2.8.5rel.2/userdefs.h	Mon Feb  2 12:02:28 2004
+++ 2.8.5rel.3/userdefs.h	Mon Feb  2 12:02:28 2004
@@ -1360,11 +1360,11 @@
  * the version definition with the Project Version on checkout.  Just
  * ignore it. - kw */
 /* $Format: "#define LYNX_VERSION \"$ProjectVersion$\""$ */
-#define LYNX_VERSION "2.8.5rel.2"
+#define LYNX_VERSION "2.8.5rel.3"
 #define LYNX_WWW_HOME "http://lynx.isc.org/"
 #define LYNX_WWW_DIST "http://lynx.isc.org/current/"
 /* $Format: "#define LYNX_DATE \"$ProjectDate$\""$ */
-#define LYNX_DATE "Thu, 22 Apr 2004 16:08:10 -0700"
+#define LYNX_DATE "Mon, 17 Oct 2005 13:47:09 -0700"
 #define LYNX_DATE_OFF 5		/* truncate the automatically-generated date */
 #define LYNX_DATE_LEN 11	/* truncate the automatically-generated date */
 
1	niro	153	# ------------------------------------------------------------------------------
2			# CHANGES \| 5 ++
3			# WWW/Library/Implementation/HTMIME.c \| 82 +++++++++++++++++++--------------
4			# WWW/Library/Implementation/HTMIME.h \| 12 ----
5			# WWW/Library/Implementation/HTNews.c \| 83 +++++++++-------------------------
6			# configure \| 2
7			# configure.in \| 4 -
8			# lynx.cfg \| 4 -
9			# userdefs.h \| 4 -
10			# 8 files changed, 84 insertions(+), 112 deletions(-)
11			# ------------------------------------------------------------------------------
12			Index: CHANGES
13			--- 2.8.5rel.2/CHANGES Thu Apr 22 16:08:10 2004
14			+++ 2.8.5rel.3/CHANGES Mon Oct 17 13:47:09 2005
15			@@ -1,6 +1,11 @@
16			Changes since Lynx 2.8 release
17			===============================================================================
18
19			+2004-10-17 (2.8.5rel.3 fixes from 2.8.6dev.14)
20			+* eliminate fixed-size buffers in LYExpandHostForURL() to guard against
21			+ buffer overflow resulting from too-long domain prefix/suffix data from
22			+ lynx.cfg (report by Ulf Harnhammar, CAN-2005-3120) -TD
23			+
24			2004-04-22 (2.8.5rel.2 fixes from 2.8.6dev.1)
25			* correct ifdef in LYgetattrs() to ensure that getattrs() is used only if the
26			configure script actually found it (report/patch by Paul Gilmartin).
27			Index: WWW/Library/Implementation/HTMIME.c
28			Prereq: 0.2
29			--- 2.8.5rel.2/WWW/Library/Implementation/HTMIME.c Wed Jan 7 18:03:09 2004
30			+++ 2.8.5rel.3/WWW/Library/Implementation/HTMIME.c Mon Oct 17 13:47:09 2005
31			@@ -2062,27 +2062,23 @@
32			**
33			** Written by S. Ichikawa,
34			** partially inspired by encdec.c of <jh@efd.lth.se>.
35			-** Assume caller's buffer is LINE_LENGTH bytes, these decode to
36			-** no longer than the input strings.
37			*/
38			-#define LINE_LENGTH 512 /* Maximum length of line of ARTICLE etc */
39			-#ifdef ESC
40			-#undef ESC
41			-#endif /* ESC */
42			#include <LYCharVals.h> /* S/390 -- gil -- 0163 */
43			-#define ESC CH_ESC
44
45			PRIVATE char HTmm64[] =
46			"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" ;
47			PRIVATE char HTmmquote[] = "0123456789ABCDEF";
48			PRIVATE int HTmmcont = 0;
49
50			-PUBLIC void HTmmdec_base64 ARGS2(
51			- char *, t,
52			+PRIVATE void HTmmdec_base64 ARGS2(
53			+ char **, t,
54			char *, s)
55			{
56			int d, count, j, val;
57			- char buf[LINE_LENGTH], bp, nw[4], p;
58			+ char buf, bp, nw[4], *p;
59			+
60			+ if ((buf = malloc(strlen(s) * 3 + 1)) == 0)
61			+ outofmem(__FILE__, "HTmmdec_base64");
62
63			for (bp = buf; *s; s += 4) {
64			val = 0;
65			@@ -2113,14 +2109,18 @@
66			*bp++ = nw[2];
67			}
68			*bp = '\0';
69			- strcpy(t, buf);
70			+ StrAllocCopy(*t, buf);
71			+ FREE(buf);
72			}
73
74			-PUBLIC void HTmmdec_quote ARGS2(
75			- char *, t,
76			+PRIVATE void HTmmdec_quote ARGS2(
77			+ char **, t,
78			char *, s)
79			{
80			- char buf[LINE_LENGTH], cval, bp, p;
81			+ char buf, cval, bp, *p;
82			+
83			+ if ((buf = malloc(strlen(s) + 1)) == 0)
84			+ outofmem(__FILE__, "HTmmdec_quote");
85
86			for (bp = buf; *s; ) {
87			if (*s == '=') {
88			@@ -2147,23 +2147,27 @@
89			}
90			}
91			*bp = '\0';
92			- strcpy(t, buf);
93			+ StrAllocCopy(*t, buf);
94			+ FREE(buf);
95			}
96
97			/*
98			** HTmmdecode for ISO-2022-JP - FM
99			*/
100			PUBLIC void HTmmdecode ARGS2(
101			- char *, trg,
102			+ char **, trg,
103			char *, str)
104			{
105			- char buf[LINE_LENGTH], mmbuf[LINE_LENGTH];
106			+ char *buf;
107			+ char *mmbuf = NULL;
108			+ char *m2buf = NULL;
109			char s, t, *u;
110			int base64, quote;
111
112			- buf[0] = '\0';
113			-
114			- for (s = str, u = buf; *s; ) {
115			+ if ((buf = malloc(strlen(str) + 1)) == 0)
116			+ outofmem(__FILE__, "HTmmdecode");
117			+
118			+ for (s = str, u = buf; *s;) {
119			if (!strncasecomp(s, "=?ISO-2022-JP?B?", 16)) {
120			base64 = 1;
121			} else {
122			@@ -2181,11 +2185,14 @@
123			u--;
124			}
125			}
126			+ if (mmbuf == 0) /* allocate buffer big enough for source */
127			+ StrAllocCopy(mmbuf, str);
128			for (s += 16, t = mmbuf; *s; ) {
129			if (s[0] == '?' && s[1] == '=') {
130			break;
131			} else {
132			t++ = s++;
133			+ *t = '\0';
134			}
135			}
136			if (s[0] != '?' \|\| s[1] != '=') {
137			@@ -2195,14 +2202,12 @@
138			*t = '\0';
139			}
140			if (base64)
141			- HTmmdec_base64(mmbuf, mmbuf);
142			+ HTmmdec_base64(&m2buf, mmbuf);
143			if (quote)
144			- HTmmdec_quote(mmbuf, mmbuf);
145			- for (t = mmbuf; *t; )
146			+ HTmmdec_quote(&m2buf, mmbuf);
147			+ for (t = m2buf; *t; )
148			u++ = t++;
149			HTmmcont = 1;
150			- /* if (s == ' ' \|\| s == '\t') u++ = s; */
151			- /* for ( ; s == ' ' \|\| s == '\t'; s++) ; */
152			} else {
153			if (s != ' ' && s != '\t')
154			HTmmcont = 0;
155			@@ -2211,7 +2216,10 @@
156			}
157			*u = '\0';
158			end:
159			- strcpy(trg, buf);
160			+ StrAllocCopy(*t, buf);
161			+ FREE(m2buf);
162			+ FREE(mmbuf);
163			+ FREE(buf);
164			}
165
166			/*
167			@@ -2219,22 +2227,27 @@
168			** (The author of this function "rjis" is S. Ichikawa.)
169			*/
170			PUBLIC int HTrjis ARGS2(
171			- char *, t,
172			+ char **, t,
173			char *, s)
174			{
175			- char *p, buf[LINE_LENGTH];
176			+ char *p;
177			+ char *buf = NULL;
178			int kanji = 0;
179
180			- if (strchr(s, ESC) \|\| !strchr(s, '$')) {
181			- if (s != t)
182			- strcpy(t, s);
183			+ if (strchr(s, CH_ESC) \|\| !strchr(s, '$')) {
184			+ if (s != *t)
185			+ StrAllocCopy(*t, s);
186			return 1;
187			}
188			+
189			+ if ((buf = malloc(strlen(s) * 2 + 1)) == 0)
190			+ outofmem(__FILE__, "HTrjis");
191			+
192			for (p = buf; *s; ) {
193			if (!kanji && s[0] == '$' && (s[1] == '@' \|\| s[1] == 'B')) {
194			if (HTmaybekanji((int)s[2], (int)s[3])) {
195			kanji = 1;
196			- *p++ = ESC;
197			+ *p++ = CH_ESC;
198			p++ = s++;
199			p++ = s++;
200			p++ = s++;
201			@@ -2246,7 +2259,7 @@
202			}
203			if (kanji && s[0] == '(' && (s[1] == 'J' \|\| s[1] == 'B')) {
204			kanji = 0;
205			- *p++ = ESC;
206			+ *p++ = CH_ESC;
207			p++ = s++;
208			p++ = s++;
209			continue;
210			@@ -2255,7 +2268,8 @@
211			}
212			p = s; /* terminate string */
213
214			- strcpy(t, buf);
215			+ StrAllocCopy(*t, buf);
216			+ FREE(buf);
217			return 0;
218			}
219
220			Index: WWW/Library/Implementation/HTMIME.h
221			--- 2.8.5rel.2/WWW/Library/Implementation/HTMIME.h Wed Jan 22 01:43:13 2003
222			+++ 2.8.5rel.3/WWW/Library/Implementation/HTMIME.h Mon Oct 17 13:47:09 2005
223			@@ -67,20 +67,12 @@
224			For handling Japanese headers.
225
226			*/
227			-extern void HTmmdec_base64 PARAMS((
228			- char * t,
229			- char * s));
230			-
231			-extern void HTmmdec_quote PARAMS((
232			- char * t,
233			- char * s));
234			-
235			extern void HTmmdecode PARAMS((
236			- char * trg,
237			+ char ** trg,
238			char * str));
239
240			extern int HTrjis PARAMS((
241			- char * t,
242			+ char ** t,
243			char * s));
244
245			extern int HTmaybekanji PARAMS((
246			Index: WWW/Library/Implementation/HTNews.c
247			--- 2.8.5rel.2/WWW/Library/Implementation/HTNews.c Wed Jan 7 18:03:09 2004
248			+++ 2.8.5rel.3/WWW/Library/Implementation/HTNews.c Mon Oct 17 13:47:09 2005
249			@@ -940,7 +940,6 @@
250			}
251			}
252
253			-#ifdef SH_EX /* for MIME */
254			#ifdef NEWS_DEBUG
255			/* for DEBUG 1997/11/07 (Fri) 17:20:16 */
256			void debug_print(unsigned char *p)
257			@@ -962,45 +961,15 @@
258			}
259			#endif
260
261			-static char decode_mime(char str)
262			+static char decode_mime(char *str)
263			{
264			- char temp[LINE_LENGTH]; /* FIXME: what determines the actual size? */
265			- char p, q;
266			-
267			- if (str == NULL)
268			- return "";
269			-
270			+#ifdef SH_EX
271			if (HTCJK != JAPANESE)
272			- return str;
273			-
274			- LYstrncpy(temp, str, sizeof(temp) - 1);
275			- q = temp;
276			- while ((p = strchr(q, '=')) != 0) {
277			- if (p[1] == '?') {
278			- HTmmdecode(p, p);
279			- q = p + 2;
280			- } else {
281			- q = p + 1;
282			- }
283			- }
284			-#ifdef NEWS_DEBUG
285			- printf("new=[");
286			- debug_print(temp);
287			+ return *str;
288			#endif
289			- HTrjis(temp, temp);
290			- strcpy(str, temp);
291			-
292			- return str;
293			-}
294			-#else /* !SH_EX */
295			-static char decode_mime ARGS1(char , str)
296			-{
297			- HTmmdecode(str, str);
298			- HTrjis(str, str);
299			- return str;
300			+ HTmmdecode(str, *str);
301			+ return HTrjis(str, str) ? str : "";
302			}
303			-#endif
304			-
305
306			/* Read in an Article read_article
307			** ------------------
308			@@ -1087,22 +1056,22 @@
309
310			} else if (match(full_line, "SUBJECT:")) {
311			StrAllocCopy(subject, HTStrip(strchr(full_line,':')+1));
312			- decode_mime(subject);
313			+ decode_mime(&subject);
314			} else if (match(full_line, "DATE:")) {
315			StrAllocCopy(date, HTStrip(strchr(full_line,':')+1));
316
317			} else if (match(full_line, "ORGANIZATION:")) {
318			StrAllocCopy(organization,
319			HTStrip(strchr(full_line,':')+1));
320			- decode_mime(organization);
321			+ decode_mime(&organization);
322
323			} else if (match(full_line, "FROM:")) {
324			StrAllocCopy(from, HTStrip(strchr(full_line,':')+1));
325			- decode_mime(from);
326			+ decode_mime(&from);
327
328			} else if (match(full_line, "REPLY-TO:")) {
329			StrAllocCopy(replyto, HTStrip(strchr(full_line,':')+1));
330			- decode_mime(replyto);
331			+ decode_mime(&replyto);
332
333			} else if (match(full_line, "NEWSGROUPS:")) {
334			StrAllocCopy(newsgroups, HTStrip(strchr(full_line,':')+1));
335			@@ -1711,8 +1680,8 @@
336			int, last_required)
337			{
338			char line[LINE_LENGTH+1];
339			- char author[LINE_LENGTH+1];
340			- char subject[LINE_LENGTH+1];
341			+ char *author = NULL;
342			+ char *subject = NULL;
343			char *date = NULL;
344			int i;
345			char *p;
346			@@ -1725,7 +1694,6 @@
347			int status, count, first, last; /* Response fields */
348			/* count is only an upper limit */
349
350			- author[0] = '\0';
351			START(HTML_HEAD);
352			PUTC('\n');
353			START(HTML_TITLE);
354			@@ -1946,8 +1914,8 @@
355			case 'S':
356			case 's':
357			if (match(line, "SUBJECT:")) {
358			- LYstrncpy(subject, line+9, sizeof(subject)-1);/* Save subject */
359			- decode_mime(subject);
360			+ StrAllocCopy(subject, line + 9);
361			+ decode_mime(&subject);
362			}
363			break;
364
365			@@ -1964,10 +1932,8 @@
366			case 'F':
367			if (match(line, "FROM:")) {
368			char * p2;
369			- LYstrncpy(author,
370			- author_name(strchr(line,':')+1),
371			- sizeof(author)-1);
372			- decode_mime(author);
373			+ StrAllocCopy(author, strchr(line, ':') + 1);
374			+ decode_mime(&author);
375			p2 = author + strlen(author) - 1;
376			if (*p2==LF)
377			p2 = '\0'; / Chop off newline */
378			@@ -1988,11 +1954,8 @@
379
380			PUTC('\n');
381			START(HTML_LI);
382			-#ifdef SH_EX /* for MIME */
383			- HTSprintf0(&temp, "\"%s\"", decode_mime(subject));
384			-#else
385			- HTSprintf0(&temp, "\"%s\"", subject);
386			-#endif
387			+ p = decode_mime(&subject);
388			+ HTSprintf0(&temp, "\"%s\"", NonNull(p));
389			if (reference) {
390			write_anchor(temp, reference);
391			FREE(reference);
392			@@ -2001,18 +1964,14 @@
393			}
394			FREE(temp);
395
396			- if (author[0] != '\0') {
397			+ if (author != NULL) {
398			PUTS(" - ");
399			if (LYListNewsDates)
400			START(HTML_I);
401			-#ifdef SH_EX /* for MIME */
402			- PUTS(decode_mime(author));
403			-#else
404			- PUTS(author);
405			-#endif
406			+ PUTS(decode_mime(&author));
407			if (LYListNewsDates)
408			END(HTML_I);
409			- author[0] = '\0';
410			+ FREE(author);
411			}
412			if (date) {
413			if (!diagnostic) {
414			@@ -2055,6 +2014,8 @@
415			MAYBE_END(HTML_LI);
416			} /* Handle response to HEAD request */
417			} /* Loop over article */
418			+ FREE(author);
419			+ FREE(subject);
420			} /* If read headers */
421			PUTC('\n');
422			if (LYListNewsNumbers)
423			Index: configure
424			--- 2.8.5rel.2/configure Wed Feb 4 04:07:09 2004
425			+++ 2.8.5rel.3/configure Wed Feb 4 04:07:09 2004
426			@@ -723,7 +723,7 @@
427
428			PACKAGE=lynx
429			# $Format: "VERSION=$ProjectVersion$"$
430			-VERSION=2.8.5rel.2
431			+VERSION=2.8.5rel.3
432
433
434
435			Index: configure.in
436			--- 2.8.5rel.2/configure.in Wed Feb 4 04:07:09 2004
437			+++ 2.8.5rel.3/configure.in Wed Feb 4 04:07:09 2004
438			@@ -5,7 +5,7 @@
439			dnl
440			dnl ask PRCS to plug-in the project-version for the configure-script.
441			dnl $Format: "AC_REVISION($ProjectVersion$)"$
442			-AC_REVISION(2.8.5rel.2)
443			+AC_REVISION(2.8.5rel.3)
444
445			# Save the original $CFLAGS so we can distinguish whether the user set those
446			# in the environment, or whether autoconf added -O and -g options:
447			@@ -33,7 +33,7 @@
448			PACKAGE=lynx
449			dnl ask PRCS to plug-in the project-version for the packages.
450			# $Format: "VERSION=$ProjectVersion$"$
451			-VERSION=2.8.5rel.2
452			+VERSION=2.8.5rel.3
453			AC_SUBST(PACKAGE)
454			AC_SUBST(VERSION)
455			AC_SUBST(DESTDIR)
456			Index: lynx.cfg
457			--- 2.8.5rel.2/lynx.cfg Wed Jan 28 11:30:38 2004
458			+++ 2.8.5rel.3/lynx.cfg Wed Jan 28 11:30:38 2004
459			@@ -3,10 +3,10 @@
460			# or Lynx_Dir:lynx.cfg (VMS)
461			#
462			# $Format: "#PRCS LYNX_VERSION \"$ProjectVersion$\""$
463			-#PRCS LYNX_VERSION "2.8.5rel.2"
464			+#PRCS LYNX_VERSION "2.8.5rel.3"
465			#
466			# $Format: "#PRCS LYNX_DATE \"$ProjectDate$\""$
467			-#PRCS LYNX_DATE "Thu, 22 Apr 2004 16:08:10 -0700"
468			+#PRCS LYNX_DATE "Mon, 17 Oct 2005 13:47:09 -0700"
469			#
470			# Definition pairs are of the form VARIABLE:DEFINITION
471			# NO spaces are allowed between the pair items.
472			Index: userdefs.h
473			--- 2.8.5rel.2/userdefs.h Mon Feb 2 12:02:28 2004
474			+++ 2.8.5rel.3/userdefs.h Mon Feb 2 12:02:28 2004
475			@@ -1360,11 +1360,11 @@
476			* the version definition with the Project Version on checkout. Just
477			* ignore it. - kw */
478			/* $Format: "#define LYNX_VERSION \"$ProjectVersion$\""$ */
479			-#define LYNX_VERSION "2.8.5rel.2"
480			+#define LYNX_VERSION "2.8.5rel.3"
481			#define LYNX_WWW_HOME "http://lynx.isc.org/"
482			#define LYNX_WWW_DIST "http://lynx.isc.org/current/"
483			/* $Format: "#define LYNX_DATE \"$ProjectDate$\""$ */
484			-#define LYNX_DATE "Thu, 22 Apr 2004 16:08:10 -0700"
485			+#define LYNX_DATE "Mon, 17 Oct 2005 13:47:09 -0700"
486			#define LYNX_DATE_OFF 5 /* truncate the automatically-generated date */
487			#define LYNX_DATE_LEN 11 /* truncate the automatically-generated date */
488