Age | Commit message (Collapse) | Author |
|
A couple of these could clearly cause a crash just like the one fixed by
commit 00865f5a1e1a ("equipment.c: Fix potential buffer overflow in
size_data_funct()").
One would append user input to fixed length buffer without checking.
We were hardcoding the (correct) max path length in macos.c - replaced by
the actual OS constant.
But the vast majority are just extremely generous guesses how long
localized strings could possibly be.
Yes, this commit is likely leaning towards overkill. But we have now been
bitten by buffer overflow crashes twice that were caused by localization,
so I tried to go through all of the code and identify every possible
buffer that could be affected by this.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
Simply clear out the table (and free the "dives" that were created).
Reported-by: Sergey Starosek <sergey.starosek@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
We need to have this be one well defined string -> this requires a change
to the companion app as well.
This commit also hides the (untranslated) debug message if no dives in the
dive table match a gpsfix downloaded from the webservice.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
If no new gps fixes or new location names were obtained from the
webservice there is no need to save the datafile on exit.
Reported-by: Sergey Starosek <sergey.starosek@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
In download_dialog_release_xml() we check if state->xmldata is non-NULL
and free it. But we don't set it to NULL anywhere, so if the user hits
cancel the variable is undefined.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
- Added a help button that links to the online API page and should provide
a sufficient start to the new user.
- Use download_dialog_response_cb as a callback for most dialog reponses
instead of waiting for gtk_dialog_run() and using goto e.g. in the case
of GTK_RESPONSE_HELP.
- Fixed some integer signedness warnings in download_dialog_traverse_xml()
Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
webservice.c:webservice_download_dialog()
If a value for previous UID is returned from the user config
via subsurface_get_conf("webservice_uid"), make sure to
free the string near the function return.
Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
This no longer abuses the dive merging code (which would leave stray
"dives" behind if a gps fix couldn't be merged with any of the dives) and
instead parses the gps fixes into a second table and then walks that table
and tries to find matching dives.
The code tries to be reasonably smart about this. If we have
auto-generated GPS fixes at regular intervals, we look for a fix that is
during a dive (that's likely when the boat where the phone is staying dry
is more or less above the diver having fun). And if we have named entries
(so the user typed in a location name) we try to match them in order to
the dives that happened "that day" (where "that day" is about 6h before
and after the timestamp of the gps fix).
This commit also renames dive_has_location() to dive_has_gps_location() as
the difference between if(!dive->location) and if(dives_has_location) is a
bit too subtle...
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
This only changes the infrastructure and actually loses functionality as
it no longer does the simplistic "just treat the locations as dives and
merge them".
The new code that does something "smart" with the gps_location_table is
yet to be written. But now we can use the XML parser to put the gps
locations downloaded from the webservice into their own data structure.
In the process I noticed that we never used the two delete functions in
parse-xml.c and removed them.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
Also make sure to pass the "Accept" request header
set to "text/xml", so that XML is retrieved.
Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
We use subsurface_set_conf() subsurface_get_conf() to store
and recall the prefered UID for the download.
Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
Dive locations marked (and named) via the companion app are downloaded
from the webservice, parsed and merged with the existing dives.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
1) download_dialog_status_text() had some statements with no effect
due to missing return keywords. This fixes incorrect error reporting.
2) Optimize the traversion of the response XML. Assuming that the
status tag should be always under the root tag. We check if the
root tag has children and enter a loop until we find a the
"download" or "error" node names. If there are no children
we return a parser error.
3) Clamp the number of input characters to 30 in the user id
GtkEntry field.
Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|
|
A couple of new files webservice.c and webservice.h are added.
webservice.h exposes two methods at the moment:
- webservice_download_dialog():
this function creates the user interface for the download dialog
from the web service.
- webservice_request_user_xml()
this function is a direct call to retrieve XML for a specific
user identifier. the actual data, data length and error codes
are stored in passed pointers.
A menu entry is added in the Log menu:
"Download From Web Service"
The used backend for communication at the moment is provided
by libsoup.
Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
|