fetchmail/fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch

From: Matthew Ogilvie <mmogilvi+fml@zoho.com>
Date: Fri, 21 Dec 2018 09:01:40 -0700
Subject: oauth2.c: calculate and pass in correct buffer size to to64frombits()
Git-repo: https://gitlab.com/fetchmail/fetchmail.git
Git-commit: 914ee333c73baa3c58d1e819ff4d66052e663335

Also allocate the actual needed size instead of an excessively large
approximate size.

---
 oauth2.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

--- a/oauth2.c
+++ b/oauth2.c
@@ -34,6 +34,7 @@ char *get_oauth2_string(struct query *ct
     int oauth2len;
 
     char *oauth2b64;
+    size_t oauth2b64alloc;
 
     oauth2len = strlen(ctl->remotename) + strlen(ctl->password) + 32;
     oauth2str = (char *)xmalloc(oauth2len);
@@ -52,8 +53,9 @@ char *get_oauth2_string(struct query *ct
 		 ctl->password);
     }
 
-    oauth2b64 = (char *)xmalloc(2*strlen(oauth2str)+8);
-    to64frombits(oauth2b64, oauth2str, strlen(oauth2str), oauth2len);
+    oauth2b64alloc = query_to64_outsize(strlen(oauth2str));
+    oauth2b64 = (char *)xmalloc(oauth2b64alloc);
+    to64frombits(oauth2b64, oauth2str, strlen(oauth2str), oauth2b64alloc);
 
     memset(oauth2str, 0x55, strlen(oauth2str));
     free(oauth2str);
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113 2021-06-04 14:09:36 +02:00			`From: Matthew Ogilvie <mmogilvi+fml@zoho.com>`
			`Date: Fri, 21 Dec 2018 09:01:40 -0700`
			`Subject: oauth2.c: calculate and pass in correct buffer size to to64frombits()`
			`Git-repo: https://gitlab.com/fetchmail/fetchmail.git`
			`Git-commit: 914ee333c73baa3c58d1e819ff4d66052e663335`

			`Also allocate the actual needed size instead of an excessively large`
			`approximate size.`

			`---`
Accepting request 991826 from home:mcepl:branches:server:mail - Update to 6.4.32: * Use configure to find rst2html, some systems install it only with .py suffix, others only without, and some install both. * Update README.maintainer * Translations updated. - Reapplied patches - Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/ scripts (gl#fetchmail/fetchmail#44). OBS-URL: https://build.opensuse.org/request/show/991826 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=137 2022-08-01 09:35:53 +02:00			`oauth2.c \| 6 ++++--`
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113 2021-06-04 14:09:36 +02:00			`1 file changed, 4 insertions(+), 2 deletions(-)`

			`--- a/oauth2.c`
			`+++ b/oauth2.c`
Accepting request 991826 from home:mcepl:branches:server:mail - Update to 6.4.32: * Use configure to find rst2html, some systems install it only with .py suffix, others only without, and some install both. * Update README.maintainer * Translations updated. - Reapplied patches - Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/ scripts (gl#fetchmail/fetchmail#44). OBS-URL: https://build.opensuse.org/request/show/991826 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=137 2022-08-01 09:35:53 +02:00			`@@ -34,6 +34,7 @@ char get_oauth2_string(struct query ct`
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113 2021-06-04 14:09:36 +02:00			`int oauth2len;`

			`char *oauth2b64;`
			`+ size_t oauth2b64alloc;`

			`oauth2len = strlen(ctl->remotename) + strlen(ctl->password) + 32;`
			`oauth2str = (char *)xmalloc(oauth2len);`
Accepting request 991826 from home:mcepl:branches:server:mail - Update to 6.4.32: * Use configure to find rst2html, some systems install it only with .py suffix, others only without, and some install both. * Update README.maintainer * Translations updated. - Reapplied patches - Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/ scripts (gl#fetchmail/fetchmail#44). OBS-URL: https://build.opensuse.org/request/show/991826 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=137 2022-08-01 09:35:53 +02:00			`@@ -52,8 +53,9 @@ char get_oauth2_string(struct query ct`
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113 2021-06-04 14:09:36 +02:00			`ctl->password);`
			`}`

			`- oauth2b64 = (char )xmalloc(2strlen(oauth2str)+8);`
			`- to64frombits(oauth2b64, oauth2str, strlen(oauth2str), oauth2len);`
			`+ oauth2b64alloc = query_to64_outsize(strlen(oauth2str));`
			`+ oauth2b64 = (char *)xmalloc(oauth2b64alloc);`
			`+ to64frombits(oauth2b64, oauth2str, strlen(oauth2str), oauth2b64alloc);`

			`memset(oauth2str, 0x55, strlen(oauth2str));`
			`free(oauth2str);`