putty-source

nhyatt/putty-source

Fork 0

mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Commit Graph

Author	SHA1	Message	Date
Simon Tatham	a76109c586	Add some missing casts in ctype functions. I thought I'd found all of these before, but perhaps a few managed to slip in since I last looked. The character argument to the <ctype.h> functions must have the value of an unsigned char or EOF; passing an ordinary char (unless you know char is unsigned on every platform the code will ever go near) risks mistaking '\xFF' for EOF, and causing outright undefined behaviour on byte values in the range 80-FE. Never do it.	2023-03-05 13:15:57 +00:00
Simon Tatham	e24444dba8	Fix manual host key validation. When the user tries to add a string to the CONF_ssh_manual_hostkeys list box, we call a validation function which is supposed to look along the string for either a valid-looking SSH key fingerprint, or a base64 public key blob, and after it finds it, move that key alone to the start of the input string and delete all the surrounding cruft. SHA-256 key fingerprints were being detected all right, but not moved to the start of the string sensibly - we just returned true without rewriting anything. (Probably inadequate testing when I added SHA-256 fairly recently.) And the code that moved a full public-key blob to the front of the string triggered an ASan error on the grounds that it used strcpy with the source and destination overlapping. I actually hadn't known that was supposed to be a bad thing these days! But it's easily fixed by making it a memmove instead.	2021-10-25 18:12:21 +01:00
Simon Tatham	3396c97da9	New library-style 'utils' subdirectories. Now that the new CMake build system is encouraging us to lay out the code like a set of libraries, it seems like a good idea to make them look more _like_ libraries, by putting things into separate modules as far as possible. This fixes several previous annoyances in which you had to link against some object in order to get a function you needed, but that object also contained other functions you didn't need which included link-time symbol references you didn't want to have to deal with. The usual offender was subsidiary supporting programs including misc.c for some innocuous function and then finding they had to deal with the requirements of buildinfo(). This big reorganisation introduces three new subdirectories called 'utils', one at the top level and one in each platform subdir. In each case, the directory contains basically the same files that were previously placed in the 'utils' build-time library, except that the ones that were extremely miscellaneous (misc.c, utils.c, uxmisc.c, winmisc.c, winmiscs.c, winutils.c) have been split up into much smaller pieces.	2021-04-18 08:18:27 +01:00

Author

SHA1

Message

Date

Simon Tatham

a76109c586

Add some missing casts in ctype functions.

I thought I'd found all of these before, but perhaps a few managed to
slip in since I last looked. The character argument to the <ctype.h>
functions must have the value of an unsigned char or EOF; passing an
ordinary char (unless you know char is unsigned on every platform the
code will ever go near) risks mistaking '\xFF' for EOF, and causing
outright undefined behaviour on byte values in the range 80-FE. Never
do it.

2023-03-05 13:15:57 +00:00

Simon Tatham

e24444dba8

Fix manual host key validation.

When the user tries to add a string to the CONF_ssh_manual_hostkeys
list box, we call a validation function which is supposed to look
along the string for either a valid-looking SSH key fingerprint, or a
base64 public key blob, and after it finds it, move that key alone to
the start of the input string and delete all the surrounding cruft.

SHA-256 key fingerprints were being detected all right, but not moved
to the start of the string sensibly - we just returned true without
rewriting anything. (Probably inadequate testing when I added SHA-256
fairly recently.)

And the code that moved a full public-key blob to the front of the
string triggered an ASan error on the grounds that it used strcpy with
the source and destination overlapping. I actually hadn't known that
was supposed to be a bad thing these days! But it's easily fixed by
making it a memmove instead.

2021-10-25 18:12:21 +01:00

Simon Tatham

3396c97da9

New library-style 'utils' subdirectories.

Now that the new CMake build system is encouraging us to lay out the
code like a set of libraries, it seems like a good idea to make them
look more _like_ libraries, by putting things into separate modules as
far as possible.

This fixes several previous annoyances in which you had to link
against some object in order to get a function you needed, but that
object also contained other functions you didn't need which included
link-time symbol references you didn't want to have to deal with. The
usual offender was subsidiary supporting programs including misc.c for
some innocuous function and then finding they had to deal with the
requirements of buildinfo().

This big reorganisation introduces three new subdirectories called
'utils', one at the top level and one in each platform subdir. In each
case, the directory contains basically the same files that were
previously placed in the 'utils' build-time library, except that the
ones that were extremely miscellaneous (misc.c, utils.c, uxmisc.c,
winmisc.c, winmiscs.c, winutils.c) have been split up into much
smaller pieces.

2021-04-18 08:18:27 +01:00

3 Commits