summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrei Karas <akaras@inbox.ru>2017-02-14 04:17:53 +0300
committerAndrei Karas <akaras@inbox.ru>2017-02-14 14:23:10 +0300
commit8c10bf43797c2d637b7292575271ab201296b020 (patch)
tree53e0dd7c382aec1b213c6ee973be10d8dfb15604
parent9e4376f937257ecb72ef29492516e3de1e882dfd (diff)
downloadManaVerse-8c10bf43797c2d637b7292575271ab201296b020.tar.gz
ManaVerse-8c10bf43797c2d637b7292575271ab201296b020.tar.bz2
ManaVerse-8c10bf43797c2d637b7292575271ab201296b020.tar.xz
ManaVerse-8c10bf43797c2d637b7292575271ab201296b020.zip
Fix possible use after free in curl.
-rw-r--r--src/gui/windows/whoisonline.cpp6
-rw-r--r--src/net/download.cpp6
-rw-r--r--src/settings.cpp3
-rw-r--r--src/settings.h2
4 files changed, 11 insertions, 6 deletions
diff --git a/src/gui/windows/whoisonline.cpp b/src/gui/windows/whoisonline.cpp
index 1bd4a633c..72d4cf90c 100644
--- a/src/gui/windows/whoisonline.cpp
+++ b/src/gui/windows/whoisonline.cpp
@@ -544,9 +544,9 @@ int WhoIsOnline::downloadThread(void *ptr)
&WhoIsOnline::memoryWrite);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, ptr);
- curl_easy_setopt(curl, CURLOPT_USERAGENT,
- strprintf(PACKAGE_EXTENDED_VERSION,
- branding.getStringValue("appName").c_str()).c_str());
+ curl_easy_setopt(curl,
+ CURLOPT_USERAGENT,
+ settings.userAgent.c_str());
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, wio->mCurlError);
curl_easy_setopt(curl, CURLOPT_URL, url.c_str());
diff --git a/src/net/download.cpp b/src/net/download.cpp
index 1c8a6d8dd..ec10c5d78 100644
--- a/src/net/download.cpp
+++ b/src/net/download.cpp
@@ -322,9 +322,9 @@ int Download::downloadThread(void *ptr)
file);
}
}
- curl_easy_setopt(d->mCurl, CURLOPT_USERAGENT,
- strprintf(PACKAGE_EXTENDED_VERSION,
- branding.getStringValue("appName").c_str()).c_str());
+ curl_easy_setopt(d->mCurl,
+ CURLOPT_USERAGENT,
+ settings.userAgent.c_str());
curl_easy_setopt(d->mCurl, CURLOPT_ERRORBUFFER, d->mError);
curl_easy_setopt(d->mCurl, CURLOPT_URL, d->mUrl.c_str());
diff --git a/src/settings.cpp b/src/settings.cpp
index 57348a394..4aa8f655e 100644
--- a/src/settings.cpp
+++ b/src/settings.cpp
@@ -21,6 +21,7 @@
#include "settings.h"
#include "configuration.h"
+#include "main.h"
#include "debug.h"
@@ -29,4 +30,6 @@ Settings settings;
void Settings::init()
{
uselonglivesprites = config.getBoolValue("uselonglivesprites");
+ userAgent = strprintf(PACKAGE_EXTENDED_VERSION,
+ branding.getStringValue("appName").c_str());
}
diff --git a/src/settings.h b/src/settings.h
index 914532977..d25f27d21 100644
--- a/src/settings.h
+++ b/src/settings.h
@@ -56,6 +56,7 @@ class Settings final
gmCommandSymbol("@"),
gmCharCommandSymbol("#"),
linkCommandSymbol("="),
+ userAgent(),
updateMirrors(),
options(),
guiAlpha(1.0F),
@@ -115,6 +116,7 @@ class Settings final
std::string gmCommandSymbol;
std::string gmCharCommandSymbol;
std::string linkCommandSymbol;
+ std::string userAgent;
std::vector<std::string> updateMirrors;
Options options;
float guiAlpha;