[Pkg-wmaker-commits] [wmfrog] 46/145: 0.2.1 08/2010 : Fixed possible buffer overflows as reported by Petr Pisar / Jim Ramsey Fixed weather.pl for change in weather format as reported bt Ben Parees

Sun Aug 23 05:46:20 UTC 2015

This is an automated email from the git hooks/post-receive script.

dtorrance-guest pushed a commit to branch master
in repository wmfrog.

commit b049293d66a001f51f472a51d57771e1f51bce51
Author: thibautc <thibautc at frenchie.pcf.com>
Date:   Wed Aug 4 11:49:08 2010 -0700

    0.2.1           08/2010 : Fixed possible buffer overflows as reported by Petr Pisar / Jim Ramsey
                    Fixed weather.pl for change in weather format as reported bt Ben Parees
---
 wmfrog/CHANGES         |   2 ++
 wmfrog/Src/weather.pl  |   7 ++++---
 wmfrog/Src/wmFrog.c    |  31 ++++++++++++++-----------------
 wmfrog/builtDist.sh    |   0
 wmfrog/dist/weather.pl |   7 ++++---
 wmfrog/dist/wmfrog     | Bin 171307 -> 192497 bytes
 6 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/wmfrog/CHANGES b/wmfrog/CHANGES
index 3645139..25abcf9 100644
--- a/wmfrog/CHANGES
+++ b/wmfrog/CHANGES
@@ -1,6 +1,8 @@
 
 Version         Description
 -------------------------------------------------------------------------
+0.2.1		08/2010 : Fixed possible buffer overflows as reported by Petr Pisar / Jim Ramsey
+		Fixed weather.pl for change in weather format as reported bt Ben Parees
 0.2.0	Fixed potentail security risk, by storing temp data in ~/.wmapps/ rather than /tmp
 0.1.6		*** Application name changed to wmfrog instead of wmFrog ***
 		Man page added by Marc Brockschmidt
diff --git a/wmfrog/Src/weather.pl b/wmfrog/Src/weather.pl
index 27a4f88..1019f8c 100755
--- a/wmfrog/Src/weather.pl
+++ b/wmfrog/Src/weather.pl
@@ -57,7 +57,7 @@ $line="";
 if($mode eq "http")
 {
     $i=0;
-    while($i!=6)
+    while($i!=8)
     {
 	$line=<DATA>;
 	$i++;
@@ -65,8 +65,9 @@ if($mode eq "http")
 }
 $newLine=<DATA>;
 $line.=$newLine;
-$newLine=<DATA>;
-$line.=$newLine;
+chomp $line;
+$line=~s/<hr>//;
+$line="METAR $station $line";
 close DATA;
 
 chomp $line;
diff --git a/wmfrog/Src/wmFrog.c b/wmfrog/Src/wmFrog.c
index e2d82af..8efb55c 100644
--- a/wmfrog/Src/wmFrog.c
+++ b/wmfrog/Src/wmFrog.c
@@ -66,12 +66,12 @@ char* folder;
 int main(int argc, char *argv[]) {
 int		n, s, m, i, dt1, dt2, dt3    ;
 XEvent		event;
-char		command[1024], Line[512], FileName[10];
+char		command[1024], Line[512], FileName[128];
 FILE		*fp;
- char*          Weather;
- char*          Clouds;
- char* tmp1;
- char* tmp2;
+ char*          Weather = NULL;
+ char*          Clouds = NULL;
+ char* tmp1 = NULL;
+ char* tmp2 = NULL;
  int intensity=0;
  char* precip;
  char* desc;
@@ -213,7 +213,7 @@ FILE		*fp;
 	    
 	    dt2 = 0;
 
-	    sprintf(FileName, "%s/%s", folder, StationID);
+	    snprintf(FileName, 128, "%s/%s", folder, StationID);
 		fprintf(stderr,"%s\n\n",FileName);
     	    if ((fp = fopen(FileName, "r")) != NULL){
 	      fscanf(fp, "Hour:%d", &hour);
@@ -238,12 +238,10 @@ FILE		*fp;
 	      keepgoing=1;
 		    {
 
-		do{
-
-		    
-		    tmp1=mystrsep(&Weather,";");
-		    if(tmp1)
-		      {
+		    if(weatherFound) do {
+		    	tmp1=mystrsep(&Weather,";");
+		    	if(tmp1)
+		      	{
 
 			  tmp2=mystrsep(&tmp1,",");
 			    
@@ -289,7 +287,7 @@ FILE		*fp;
 		while(keepgoing);
 		    }
 
-		do{
+		    if(cloudsFound) do {
 		    tmp1=mystrsep(&Clouds,";");
 		    if(tmp1)
 		      {
@@ -571,7 +569,7 @@ UpToDate = 0;
 	    /*
 	     *  Execute Perl script to grab the Latest METAR Report
 	     */
-	    sprintf(command, "/usr/lib/wmfrog/weather.pl %s %s &", StationID, folder);
+	    snprintf(command, 1024, "/usr/lib/wmfrog/weather.pl %s %s &", StationID, folder);
 	    //printf("Retrieveing data\n");
 	    system(command);
 	    ForceDownload = 0;
@@ -844,12 +842,11 @@ char *GetTempDir(char *suffix)
 {
 	uid_t id;
 	struct passwd *userEntry;
-	char * userHome;
+	static char userHome[128];
 	
 	id=getuid();
 	userEntry=getpwuid(id);
-	userHome=userEntry->pw_dir;
-	sprintf(userHome,"%s/%s",userHome,suffix);
+	snprintf(userHome, 128, "%s/%s", userEntry->pw_dir, suffix);
 	return userHome;
 }
 
diff --git a/wmfrog/builtDist.sh b/wmfrog/builtDist.sh
old mode 100644
new mode 100755
diff --git a/wmfrog/dist/weather.pl b/wmfrog/dist/weather.pl
index 27a4f88..1019f8c 100755
--- a/wmfrog/dist/weather.pl
+++ b/wmfrog/dist/weather.pl
@@ -57,7 +57,7 @@ $line="";
 if($mode eq "http")
 {
     $i=0;
-    while($i!=6)
+    while($i!=8)
     {
 	$line=<DATA>;
 	$i++;
@@ -65,8 +65,9 @@ if($mode eq "http")
 }
 $newLine=<DATA>;
 $line.=$newLine;
-$newLine=<DATA>;
-$line.=$newLine;
+chomp $line;
+$line=~s/<hr>//;
+$line="METAR $station $line";
 close DATA;
 
 chomp $line;
diff --git a/wmfrog/dist/wmfrog b/wmfrog/dist/wmfrog
index e0ac549..7eeefd3 100755
Binary files a/wmfrog/dist/wmfrog and b/wmfrog/dist/wmfrog differ

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-wmaker/wmfrog.git

