diff options
author | Lars-Dominik Braun <PromyLOPh@gmail.com> | 2008-08-26 17:44:14 +0200 |
---|---|---|
committer | Lars-Dominik Braun <PromyLOPh@gmail.com> | 2008-08-26 17:44:14 +0200 |
commit | aba7bf94292b70797a2448d14624455748d3bd7c (patch) | |
tree | 6f5722b348fbc78c4aa2571a4ec494dbc850ebf8 | |
parent | d950cdec3b3261fe8ca8723b9d4203ae09bbdac3 (diff) | |
download | pianobar-aba7bf94292b70797a2448d14624455748d3bd7c.tar.gz pianobar-aba7bf94292b70797a2448d14624455748d3bd7c.tar.bz2 pianobar-aba7bf94292b70797a2448d14624455748d3bd7c.zip |
wardrobe: Various fixed already applied to piano
Avoid possible buffer overflow and force curl to use GET request even
when POSTed before.
-rw-r--r-- | libwardrobe/src/main.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/libwardrobe/src/main.c b/libwardrobe/src/main.c index 1d8abb7..aa3336a 100644 --- a/libwardrobe/src/main.c +++ b/libwardrobe/src/main.c @@ -45,14 +45,13 @@ void WardrobeSongInit (WardrobeSong_t *ws) { */ size_t WardrobeCurlRetToVar (void *ptr, size_t size, size_t nmemb, void *stream) { - char *charPtr = ptr; char *streamPtr = stream; - if (strlen (streamPtr) + nmemb > WARDROBE_HTTP_BUFFER_SIZE) { + if ((strlen (streamPtr) + nmemb) > (WARDROBE_HTTP_BUFFER_SIZE - 1)) { printf ("buffer overflow...\n"); return 0; } else { - memcpy (streamPtr+strlen(streamPtr), charPtr, size*nmemb); + memcpy (streamPtr+strlen(streamPtr), ptr, size*nmemb); return size*nmemb; } } @@ -70,6 +69,7 @@ void WardrobeHttpGet (CURL *ch, const char *url, char **retData) { memset (curlRet, 0, sizeof (curlRet)); curl_easy_setopt (ch, CURLOPT_URL, url); + curl_easy_setopt (ch, CURLOPT_HTTPGET, 1L); curl_easy_setopt (ch, CURLOPT_WRITEFUNCTION, WardrobeCurlRetToVar); curl_easy_setopt (ch, CURLOPT_WRITEDATA, curlRet); @@ -149,7 +149,6 @@ void WardrobeDestroy (WardrobeHandle_t *wh) { * @return _OK or error */ WardrobeReturn_t WardrobeHandshake (WardrobeHandle_t *wh) { - /* we'll use gmt */ char url[1024], tmp[100], *tmpDigest, *pwDigest, *ret; WardrobeReturn_t fRet = WARDROBE_RET_ERR; time_t currTStamp = time (NULL); |