boinc/lib
David Anderson 9c50abaffa Manager and GUI RPC interface: fix possible buffer overruns
If the user typed an extremely long URL into the
Attach to Account Manager wizard, a buffer overrun could result.
There were several places in the code that assumed user-entered
URLs are small (e.g. 256 chars):
- canonicalize_master_url.cpp()
- several GUI RPC interfaces, when generating XML request message
- URL-escaping (not relevant here, but fix anyway)
Change all these to stay within buffers regardless of URL size.
Note: do this by truncation.
This will cause error messages like "can't connect to project"
rather than saying the URL is too long.  That's OK.
2013-05-27 23:08:02 -07:00
..
mac
Makefile.am Unix build: Makefile changes for "make install", from Steffen Moeller 2013-05-20 15:19:13 -07:00
Makefile.mingw - improvements to Makefile for lib for MinGW, from Bernd 2013-03-05 15:12:52 +01:00
app_ipc.cpp - client and API: add gpu_usage field to APP_INIT_DATA, 2013-03-22 10:39:52 +01:00
app_ipc.h - client and API: add gpu_usage field to APP_INIT_DATA, 2013-03-22 10:39:52 +01:00
average.cpp
average.h - more code cleanup 2012-07-02 19:31:34 +00:00
base64.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
base64.h
boinc_fcgi.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
boinc_fcgi.h
boinc_win.cpp More Line Ending Changes 2013-03-04 17:19:38 +01:00
boinc_win.h - client/manager: move the conditional define of MAXPATHLEN 2013-03-01 16:17:19 +01:00
cal_boinc.h
cc_config.cpp client: add <client_new_version_text> config option 2013-05-20 10:28:19 -07:00
cc_config.h client: add <client_new_version_text> config option 2013-05-20 10:28:19 -07:00
cert_sig.cpp Line ending changes 2013-03-04 17:12:12 +01:00
cert_sig.h
cl_boinc.h
common_defs.h client (Android): GUI reports battery and wifi status to client 2013-05-14 12:28:09 -07:00
coproc.cpp - client: add support for CPU OpenCL apps. 2013-04-16 22:42:29 -07:00
coproc.h client: fix bug that could cause client to never contact project 2013-05-17 10:25:03 -07:00
crypt.cpp - A bunch of tweaks from Steffen Moller, e.g. using MAXPATHLEN 2012-09-21 03:52:24 +00:00
crypt.h - more code cleanup 2012-07-02 19:31:34 +00:00
crypt_prog.cpp
daemonmgt.h
daemonmgt_win.cpp
diagnostics.cpp use MAXPATHLEN and sizeof() a few places; from Gianfranco 2013-05-22 13:56:48 -07:00
diagnostics.h
diagnostics_win.cpp LIB: Standardize on using windows_format_error_string and drop windows_error_string. 2013-03-04 17:39:24 +01:00
diagnostics_win.h Win compile fixes 2012-08-01 21:02:54 +00:00
error_numbers.h - client: check return value of the function (statfs or statvfs) 2013-03-05 15:05:29 +01:00
filesys.cpp Fix for FCGI compile problem in lib/filesys.cpp 2013-03-05 16:38:41 +01:00
filesys.h - client (Win) preallocate large files to avoid file fragmentation 2013-03-04 15:23:37 +01:00
gui_rpc_client.cpp - boinccmd: check RPC replies for errors; show them. 2013-05-03 15:05:30 -07:00
gui_rpc_client.h client: get product name in Android 2013-05-21 13:20:56 -07:00
gui_rpc_client_ops.cpp Manager and GUI RPC interface: fix possible buffer overruns 2013-05-27 23:08:02 -07:00
gui_rpc_client_print.cpp - GUI RPC: expose TIME_STATS info (e.g. on_frac) in 2013-03-01 16:08:52 +01:00
hostinfo.cpp client: parse product_name from state file only on Android 2013-05-23 23:29:44 -07:00
hostinfo.h client: get product name in Android 2013-05-21 13:20:56 -07:00
idlemon.h
idlemon_win.cpp
md5.c
md5.h
md5_file.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
md5_file.h - XML parser: return error if string exceeds buffer size. 2013-03-29 22:36:53 -07:00
md5_test.cpp
mem_usage.cpp - fix a few unlikely but possible file-descriptor leaks 2013-03-01 16:17:19 +01:00
mem_usage.h
mfile.cpp - restore 2 commits erased by Charlie's Dec 10 commit 2013-03-04 17:17:10 +01:00
mfile.h
miofile.cpp - tabs -> spaces 2013-04-02 17:23:37 -07:00
miofile.h - tabs -> spaces 2013-04-02 17:23:37 -07:00
msg_log.cpp - client: treat all 4xx HTTP errors as permanent 2012-08-13 18:23:20 +00:00
msg_log.h - client: treat all 4xx HTTP errors as permanent 2012-08-13 18:23:20 +00:00
msg_queue.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
msg_queue.h - more code cleanup 2012-07-02 19:31:34 +00:00
msg_test.cpp
network.cpp use MAXPATHLEN and sizeof() a few places; from Gianfranco 2013-05-22 13:56:48 -07:00
network.h - code cleanup: in foo.cpp, include foo.h first 2012-08-01 20:04:05 +00:00
notice.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
notice.h
parse.cpp Include <cmath> instead of <math.h> various places 2013-05-27 16:44:22 -07:00
parse.h Condor interface: various fixes, mostly from Jaime Frey 2013-05-27 11:45:10 -07:00
parse_test.cpp Condor interface: various fixes, mostly from Jaime Frey 2013-05-27 11:45:10 -07:00
prefs.cpp client: add battery_charge_min_pct preference (currently for Android) 2013-05-21 10:26:45 -07:00
prefs.h client: add battery_charge_min_pct preference (currently for Android) 2013-05-21 10:26:45 -07:00
proc_control.cpp David 11 Dec 2012 2013-03-04 17:02:40 +01:00
proc_control.h David 11 Dec 2012 2013-03-04 17:02:40 +01:00
procinfo.cpp David 11 Dec 2012 2013-03-04 17:02:40 +01:00
procinfo.h - tabs -> spaces 2013-04-02 17:23:37 -07:00
procinfo_mac.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
procinfo_unix.cpp use MAXPATHLEN and sizeof() a few places; from Gianfranco 2013-05-22 13:56:48 -07:00
procinfo_win.cpp - tabs -> spaces 2013-04-02 17:23:37 -07:00
proxy_info.cpp - tabs -> spaces 2013-04-02 17:23:37 -07:00
proxy_info.h - tabs -> spaces 2013-04-02 17:23:37 -07:00
remote_submit.cpp Condor interface: various fixes, mostly from Jaime Frey 2013-05-27 11:45:10 -07:00
remote_submit.h - client emulator: ignore non-CPU-intensive apps 2013-03-22 22:04:35 -07:00
run_app_windows.cpp LIB: Standardize on using windows_format_error_string and drop windows_error_string. 2013-03-04 17:39:24 +01:00
run_app_windows.h
shmem.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
shmem.h - Client: initial checkin for Android version. From Joachim Fritzsch. 2012-08-04 00:27:32 +00:00
shmem_test.cpp
stackwalker_imports.h - WIN: Don't include the newer DBGHELP symbols in MinGW64. 2012-08-06 15:39:37 +00:00
stackwalker_win.cpp
stackwalker_win.h
std_fixes.h
str_replace.h
str_util.cpp Include <cmath> instead of <math.h> various places 2013-05-27 16:44:22 -07:00
str_util.h - Compile fixes for Fedora core 17. From Christian B. Fixes #1194. 2012-07-02 18:51:02 +00:00
synch.cpp - server: compile fix 2012-08-11 16:42:29 +00:00
synch.h
synch_test.cpp
thread.cpp - code cleanup: in foo.cpp, include foo.h first 2012-08-01 20:04:05 +00:00
thread.h
unix_util.cpp - lib: switch include order to the way it was (general to specific). 2012-08-11 05:47:18 +00:00
unix_util.h
url.cpp Manager and GUI RPC interface: fix possible buffer overruns 2013-05-27 23:08:02 -07:00
url.h Manager and GUI RPC interface: fix possible buffer overruns 2013-05-27 23:08:02 -07:00
util.cpp Include <cmath> instead of <math.h> various places 2013-05-27 16:44:22 -07:00
util.h LIB: Standardize on using windows_format_error_string and drop windows_error_string. 2013-03-04 17:39:24 +01:00
win_util.cpp - client: check return value of FormatMessageW() 2013-04-11 01:22:43 -07:00
win_util.h LIB: Standardize on using windows_format_error_string and drop windows_error_string. 2013-03-04 17:39:24 +01:00
x_util.cpp