kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/www/seamonkey2/files/patch-258005
Joe Marcus Clarke 235d74f954 Patch the various recently reported security vulnerabilities in Mozilla. 
This update covers the following Mozilla bugs:

245066
226669
250862
255067
256316
257317
258005

Thanks to nectar for scraping all of these patches together.

Obtained from:	Mozilla CVS
Approved by:	portmgr (implicit)
2004-09-28 03:20:33 +00:00

278 lines
8.3 KiB
Text
Raw Blame History

Index: nsMsgCompUtils.cpp
===================================================================
RCS file: /cvsroot/mozilla/mailnews/compose/src/nsMsgCompUtils.cpp,v
retrieving revision 1.161
retrieving revision 1.161.10.1
diff -u -r1.161 -r1.161.10.1
--- mailnews/compose/src/nsMsgCompUtils.cpp 12 Mar 2004 07:23:38 -0000 1.161
+++ mailnews/compose/src/nsMsgCompUtils.cpp 8 Sep 2004 19:27:53 -0000 1.161.10.1
@@ -821,16 +821,7 @@
nsresult rv;
nsCOMPtr<nsIPref> prefs(do_GetService(kPrefCID, &rv));
- PRInt32 buffer_size = 2048 + (real_name ? 2*PL_strlen(real_name) : 0) + (base_url ? 2*PL_strlen(base_url) : 0) +
- (type_param ? PL_strlen(type_param) : 0) + (encoding ? PL_strlen(encoding) : 0) +
- (description ? PL_strlen(description) : 0) + (x_mac_type ? PL_strlen(x_mac_type) : 0) +
- (x_mac_creator ? PL_strlen(x_mac_creator) : 0) + (attachmentCharset ? PL_strlen(attachmentCharset) : 0) +
- (bodyCharset ? PL_strlen(bodyCharset) : 0) + (content_id ? PL_strlen(content_id) : 0);
- char *buffer = (char *) PR_Malloc (buffer_size);
- char *buffer_tail = buffer;
-
- if (! buffer)
- return 0; /* NS_ERROR_OUT_OF_MEMORY */
+ nsCString buf("");
NS_ASSERTION (encoding, "null encoding");
@@ -874,14 +865,13 @@
}
}
- PUSH_STRING ("Content-Type: ");
- PUSH_STRING (type);
-
+ buf.Append("Content-Type: ");
+ buf.Append(type);
if (type_param && *type_param)
{
if (*type_param != ';')
- PUSH_STRING("; ");
- PUSH_STRING(type_param);
+ buf.Append("; ");
+ buf.Append(type_param);
}
if (mime_type_needs_charset (type))
@@ -918,8 +908,8 @@
(PL_strcasecmp(encoding, ENCODING_BASE64) != 0)) &&
(*charset_label))
{
- PUSH_STRING ("; charset=");
- PUSH_STRING (charset_label);
+ buf.Append("; charset=");
+ buf.Append(charset_label);
}
}
@@ -930,7 +920,7 @@
if(type && !PL_strcasecmp(type, "text/plain"))
{
if(UseFormatFlowed(bodyCharset))
- PUSH_STRING ("; format=flowed");
+ buf.Append("; format=flowed");
// else
// {
// Don't add a markup. Could use
@@ -942,59 +932,59 @@
}
if (x_mac_type && *x_mac_type) {
- PUSH_STRING ("; x-mac-type=\"");
- PUSH_STRING (x_mac_type);
- PUSH_STRING ("\"");
+ buf.Append("; x-mac-type=\"");
+ buf.Append(x_mac_type);
+ buf.Append("\"");
}
if (x_mac_creator && *x_mac_creator) {
- PUSH_STRING ("; x-mac-creator=\"");
- PUSH_STRING (x_mac_creator);
- PUSH_STRING ("\"");
+ buf.Append("; x-mac-creator=\"");
+ buf.Append(x_mac_creator);
+ buf.Append("\"");
}
#ifdef EMIT_NAME_IN_CONTENT_TYPE
if (encodedRealName && *encodedRealName) {
if (parmFolding == 0 || parmFolding == 1) {
- PUSH_STRING (";\r\n name=\"");
- PUSH_STRING (encodedRealName);
- PUSH_STRING ("\"");
+ buf.Append(";\r\n name=\"");
+ buf.Append(encodedRealName);
+ buf.Append("\"");
}
else // if (parmFolding == 2)
{
char *rfc2231Parm = RFC2231ParmFolding("name", charset.get(),
nsMsgI18NGetAcceptLanguage(), encodedRealName);
if (rfc2231Parm) {
- PUSH_STRING(";\r\n ");
- PUSH_STRING(rfc2231Parm);
+ buf.Append(";\r\n ");
+ buf.Append(rfc2231Parm);
PR_Free(rfc2231Parm);
}
}
}
#endif /* EMIT_NAME_IN_CONTENT_TYPE */
+ buf.Append(CRLF);
- PUSH_NEWLINE ();
+ buf.Append("Content-Transfer-Encoding: ");
+ buf.Append(encoding);
- PUSH_STRING ("Content-Transfer-Encoding: ");
- PUSH_STRING (encoding);
- PUSH_NEWLINE ();
+ buf.Append(CRLF);
if (description && *description) {
char *s = mime_fix_header (description);
if (s) {
- PUSH_STRING ("Content-Description: ");
- PUSH_STRING (s);
- PUSH_NEWLINE ();
+ buf.Append("Content-Description: ");
+ buf.Append(s);
+ buf.Append(CRLF);
PR_Free(s);
}
}
if ( (content_id) && (*content_id) )
{
- PUSH_STRING ("Content-ID: <");
- PUSH_STRING (content_id);
- PUSH_STRING (">");
- PUSH_NEWLINE ();
+ buf.Append("Content-ID: <");
+ buf.Append(content_id);
+ buf.Append(">");
+ buf.Append(CRLF);
}
if (encodedRealName && *encodedRealName) {
@@ -1004,15 +994,15 @@
rv = prefs->GetIntPref("mail.content_disposition_type", &pref_content_disposition);
NS_ASSERTION(NS_SUCCEEDED(rv), "failed to get mail.content_disposition_type");
- PUSH_STRING ("Content-Disposition: ");
+ buf.Append("Content-Disposition: ");
if (pref_content_disposition == 1)
- PUSH_STRING ("attachment");
+ buf.Append("attachment");
else
if (pref_content_disposition == 2 &&
(!PL_strcasecmp(type, TEXT_PLAIN) ||
(period && !PL_strcasecmp(period, ".txt"))))
- PUSH_STRING("attachment");
+ buf.Append("attachment");
/* If this document is an anonymous binary file or a vcard,
then always show it as an attachment, never inline. */
@@ -1020,23 +1010,23 @@
if (!PL_strcasecmp(type, APPLICATION_OCTET_STREAM) ||
!PL_strcasecmp(type, TEXT_VCARD) ||
!PL_strcasecmp(type, APPLICATION_DIRECTORY)) /* text/x-vcard synonym */
- PUSH_STRING ("attachment");
+ buf.Append("attachment");
else
- PUSH_STRING ("inline");
+ buf.Append("inline");
if (parmFolding == 0 || parmFolding == 1) {
- PUSH_STRING (";\r\n filename=\"");
- PUSH_STRING (encodedRealName);
- PUSH_STRING ("\"" CRLF);
+ buf.Append(";\r\n filename=\"");
+ buf.Append(encodedRealName);
+ buf.Append("\"" CRLF);
}
else // if (parmFolding == 2)
{
char *rfc2231Parm = RFC2231ParmFolding("filename", charset.get(),
nsMsgI18NGetAcceptLanguage(), encodedRealName);
if (rfc2231Parm) {
- PUSH_STRING(";\r\n ");
- PUSH_STRING(rfc2231Parm);
- PUSH_NEWLINE ();
+ buf.Append(";\r\n ");
+ buf.Append(rfc2231Parm);
+ buf.Append(CRLF);
PR_Free(rfc2231Parm);
}
}
@@ -1045,7 +1035,7 @@
if (type &&
(!PL_strcasecmp (type, MESSAGE_RFC822) ||
!PL_strcasecmp (type, MESSAGE_NEWS)))
- PUSH_STRING ("Content-Disposition: inline" CRLF);
+ buf.Append("Content-Disposition: inline" CRLF);
#ifdef GENERATE_CONTENT_BASE
/* If this is an HTML document, and we know the URL it originally
@@ -1079,9 +1069,9 @@
prefs->GetBoolPref("mail.use_content_location_on_send", &useContentLocation);
if (useContentLocation)
- PUSH_STRING ("Content-Location: \"");
+ buf.Append("Content-Location: \"");
else
- PUSH_STRING ("Content-Base: \"");
+ buf.Append("Content-Base: \"");
/* rhp - Pref for Content-Location usage */
/* rhp: this is to work with the Content-Location stuff */
@@ -1089,34 +1079,34 @@
while (*s != 0 && *s != '#')
{
- const char *ot = buffer_tail;
-
+ PRUint32 ot=buf.Length();
+ char tmp[]="\x00\x00";
/* URLs must be wrapped at 40 characters or less. */
if (col >= 38) {
- PUSH_STRING(CRLF "\t");
+ buf.Append(CRLF "\t");
col = 0;
}
if (*s == ' ')
- PUSH_STRING("%20");
+ buf.Append("%20");
else if (*s == '\t')
- PUSH_STRING("%09");
+ buf.Append("%09");
else if (*s == '\n')
- PUSH_STRING("%0A");
+ buf.Append("%0A");
else if (*s == '\r')
- PUSH_STRING("%0D");
+ buf.Append("%0D");
else {
- *buffer_tail++ = *s;
- *buffer_tail = '\0';
+ tmp[0]=*s;
+ buf.Append(tmp);
}
s++;
- col += (buffer_tail - ot);
+ col += (buf.Length() - ot);
}
- PUSH_STRING ("\"" CRLF);
+ buf.Append("\"" CRLF);
/* rhp: this is to try to get around this fun problem with Content-Location */
if (!useContentLocation) {
- PUSH_STRING ("Content-Location: \"");
+ buf.Append("Content-Location: \"");
s = base_url;
col = 0;
useContentLocation = PR_TRUE;
@@ -1130,10 +1120,9 @@
#endif /* GENERATE_CONTENT_BASE */
/* realloc it smaller... */
- buffer = (char*) PR_REALLOC (buffer, buffer_tail - buffer + 1);
PR_FREEIF(encodedRealName);
- return buffer;
+ return PL_strdup(buf.get());
}
static PRBool isValidHost( const char* host )
Reference in a new issue View git blame Copy permalink