File kvirc-dcc_vul.diff of Package kvirc
Index: src/modules/dcc/chat.cpp
===================================================================
--- src/modules/dcc/chat.cpp (revision 4334)
+++ src/modules/dcc/chat.cpp (revision 4430)
@@ -231,7 +231,7 @@
struct in_addr a;
if(kvi_stringIpToBinaryIp(ip.ptr(),&a))ip.setNum(htonl(a.s_addr));
- QString szReq = QString("PRIVMSG %1 :%2DCC %3 chat %4 %5").arg(m_pDescriptor->szNick).arg((char)0x01).arg(m_pDescriptor->szType).arg(ip.ptr()).arg(port);
+ QString szReq = QString("PRIVMSG %1 :%2DCC %3 chat %4 %5").arg(m_pDescriptor->szNick, QChar(0x01), m_pDescriptor->szType, ip.ptr()).arg(port);
if(m_pDescriptor->isZeroPortRequest())
{
@@ -280,11 +280,11 @@
{
QString tmp = QString("DCC %1 %2@%3:%4").arg(
#ifdef COMPILE_SSL_SUPPORT
- m_pDescriptor->bIsSSL ? "SChat" : "Chat").arg(
+ m_pDescriptor->bIsSSL ? "SChat" : "Chat",
#else
- "Chat").arg(
+ "Chat",
#endif
- m_pDescriptor->szNick).arg(m_pDescriptor->szIp).arg(m_pDescriptor->szPort);
+ m_pDescriptor->szNick, m_pDescriptor->szIp, m_pDescriptor->szPort);
m_szPlainTextCaption = tmp;
Index: src/modules/dcc/requests.cpp
===================================================================
--- src/modules/dcc/requests.cpp (revision 4334)
+++ src/modules/dcc/requests.cpp (revision 4430)
@@ -80,7 +80,7 @@
if(KVI_OPTION_BOOL(KviOption_boolNotifyFailedDccHandshakes))
{
- QString szError = QString("Sorry, your DCC %1 request can't be satisfied: %2").arg(dcc->szType.ptr()).arg(errText);
+ QString szError = QString("Sorry, your DCC %1 request can't be satisfied: %2").arg(dcc->szType.ptr(), errText);
dcc_module_reply_errmsg(dcc,szError);
}
}
@@ -454,6 +454,16 @@
dcc->szParam1.cutToLast('/');
}
+ if(dcc->szParam1.contains("%2F"))
+ {
+ if(!dcc->ctcpMsg->msg->haltOutput())
+ {
+ dcc->ctcpMsg->msg->console()->output(KVI_OUT_DCCMSG,
+ __tr2qs_ctx("The above request is broken: The filename contains path components, stripping the leading path and trying to continue","dcc"),dcc->szParam1.ptr());
+ }
+ dcc->szParam1.cutToLast("%2F");
+ }
+
KviStr szExtensions = dcc->szType;
szExtensions.cutRight(4); // cut off SEND
Index: src/modules/dcc/broker.cpp
===================================================================
--- src/modules/dcc/broker.cpp (revision 4334)
+++ src/modules/dcc/broker.cpp (revision 4430)
@@ -268,7 +268,7 @@
QString tmp = __tr2qs_ctx( \
"<b>%1 [%2@%3]</b> requests a " \
"<b>Direct Client Connection</b> in <b>%4</b> mode.<br>", \
- "dcc").arg(dcc->szNick).arg(dcc->szUser).arg(dcc->szHost).arg(dcc->szType);
+ "dcc").arg(dcc->szNick, dcc->szUser, dcc->szHost, dcc->szType);
#ifdef COMPILE_SSL_SUPPORT
if(dcc->bIsSSL)tmp += __tr2qs_ctx("The connection will be secured using SSL.<br>","dcc");
@@ -282,7 +282,7 @@
} else {
tmp += __tr2qs_ctx( \
"The connection target will be host <b>%1</b> on port <b>%2</b><br>" \
- ,"dcc").arg(dcc->szIp).arg(dcc->szPort);
+ ,"dcc").arg(dcc->szIp, dcc->szPort);
}
@@ -315,7 +315,7 @@
KviStr szSubProto = dcc->szType;
szSubProto.toLower();
- QString tmp = QString("dcc: %1 %2@%3:%4").arg(szSubProto.ptr()).arg(dcc->szNick).arg(dcc->szIp).arg(dcc->szPort);
+ QString tmp = QString("dcc: %1 %2@%3:%4").arg(szSubProto.ptr(), dcc->szNick, dcc->szIp, dcc->szPort);
KviDccChat * chat = new KviDccChat(dcc->console()->frame(),dcc,tmp.utf8().data());
bool bMinimized = dcc->bOverrideMinimize ? dcc->bShowMinimized : \
@@ -341,7 +341,7 @@
"<b>Direct Client Connection</b> in <b>VOICE</b> mode.<br>" \
"The connection target will be host <b>%4</b> on port <b>%5</b><br>" \
,"dcc" \
- ).arg(dcc->szNick).arg(dcc->szUser).arg(dcc->szHost).arg(dcc->szIp).arg(dcc->szPort);
+ ).arg(dcc->szNick, dcc->szUser, dcc->szHost, dcc->szIp).arg(dcc->szPort);
KviDccAcceptBox * box = new KviDccAcceptBox(this,dcc,tmp,__tr2qs_ctx("DCC VOICE request","dcc"));
m_pBoxList->append(box);
@@ -412,7 +412,7 @@
"<b>Direct Client Connection</b> in <b>CANVAS</b> mode.<br>" \
"The connection target will be host <b>%4</b> on port <b>%5</b><br>" \
,"dcc" \
- ).arg(dcc->szNick).arg(dcc->szUser).arg(dcc->szHost).arg(dcc->szIp).arg(dcc->szPort);
+ ).arg(dcc->szNick, dcc->szUser, dcc->szHost, dcc->szIp).arg(dcc->szPort);
KviDccAcceptBox * box = new KviDccAcceptBox(this,dcc,tmp,__tr2qs_ctx("DCC CANVAS request","dcc"));
m_pBoxList->append(box);
@@ -505,9 +505,9 @@
"<b>%5</b> large.<br>" \
"The connection target will be host <b>%6</b> on port <b>%7</b><br>" \
,"dcc" \
- ).arg(dcc->szNick).arg(dcc->szUser).arg(dcc->szHost).arg(
- dcc->szFileName).arg(KviQString::makeSizeReadable(dcc->szFileSize.toULong())).arg(
- dcc->szIp).arg(dcc->szPort);
+ ).arg(dcc->szNick, dcc->szUser, dcc->szHost,
+ dcc->szFileName).arg(KviQString::makeSizeReadable(dcc->szFileSize.toULong()),
+ dcc->szIp, dcc->szPort);
} else {
// passive: we will be listening!
@@ -518,7 +518,7 @@
"<b>%5</b> large.<br>" \
"You will be the passive side of the connection.<br>" \
,"dcc" \
- ).arg(dcc->szNick).arg(dcc->szUser).arg(dcc->szHost).arg(
+ ).arg(dcc->szNick, dcc->szUser, dcc->szHost,
dcc->szFileName).arg(KviQString::makeSizeReadable(dcc->szFileSize.toULong()));
}
@@ -669,7 +669,7 @@
"<b>auto-rename</b> the new file, or<br>" \
"<b>resume</b> an incomplete download?" \
,"dcc" \
- ).arg(dcc->szLocalFileName).arg(KviQString::makeSizeReadable(fi.size()));
+ ).arg(dcc->szLocalFileName, KviQString::makeSizeReadable(fi.size()));
} else {
bDisableResume = true;
// the file on disk is larger or equal to the remote one
Index: src/modules/dcc/send.cpp
===================================================================
--- src/modules/dcc/send.cpp (revision 4334)
+++ src/modules/dcc/send.cpp (revision 4430)
@@ -1236,14 +1236,14 @@
if(iW2 > 0)p->fillRect(5 + iL2,5,iW2,10,bIsTerminated ? QColor(150,130,110) : QColor(220,170,100));
p->fillRect(5,5,iL2,10,bIsTerminated ? QColor(140,110,110) : QColor(200,100,100));
- txt = QString(__tr2qs_ctx("%1 of %2 (%3%)","dcc")).arg(KviQString::makeSizeReadable(iAckedBytes)).arg(KviQString::makeSizeReadable(m_uTotalFileSize)).arg(dPerc2,0,'f',2);
+ txt = QString(__tr2qs_ctx("%1 of %2 (%3%)","dcc")).arg(KviQString::makeSizeReadable(iAckedBytes), KviQString::makeSizeReadable(m_uTotalFileSize)).arg(dPerc2,0,'f',2);
} else {
// we are receiving a file or not sending acks
double dPerc = (double)(((double)uTransferred) * 100.0) / (double)m_uTotalFileSize;
int iL = (int) ((((double)iW) * dPerc) / 100.0);
p->fillRect(5,5,iL,10,bIsTerminated ? QColor(140,110,110) : QColor(200,100,100));
- txt = QString(__tr2qs_ctx("%1 of %2 (%3%)","dcc")).arg(KviQString::makeSizeReadable(uTransferred)).arg(KviQString::makeSizeReadable(m_uTotalFileSize)).arg(dPerc,0,'f',2);
+ txt = QString(__tr2qs_ctx("%1 of %2 (%3%)","dcc")).arg(KviQString::makeSizeReadable(uTransferred), KviQString::makeSizeReadable(m_uTotalFileSize)).arg(dPerc,0,'f',2);
}
} else {
@@ -1477,14 +1477,14 @@
// if(TRIGGER_EVENT_5PARAM_RETVALUE(KviEvent_OnDCCSendConnected,this,m_pDescriptor->szPort.ptr(),m_pDescriptor->szFileName.ptr(),m_pDescriptor->szNick.ptr(),m_pDescriptor->szUser.ptr(),m_pDescriptor->szHost.ptr()));
// }
//
- m_szStatusString = __tr2qs_ctx("Contacting host %1 on port %2","dcc").arg(m_pDescriptor->szIp).arg(m_pDescriptor->szPort);
+ m_szStatusString = __tr2qs_ctx("Contacting host %1 on port %2","dcc").arg(m_pDescriptor->szIp, m_pDescriptor->szPort);
outputAndLog(m_szStatusString);
displayUpdate();
return;
}
// PASSIVE CONNECTION
- m_szStatusString = __tr2qs_ctx("Listening on interface %1 port %2","dcc").arg(m_pMarshal->localIp()).arg(m_pMarshal->localPort());
+ m_szStatusString = __tr2qs_ctx("Listening on interface %1 port %2","dcc").arg(m_pMarshal->localIp(), m_pMarshal->localPort());
outputAndLog(m_szStatusString);
if(m_pDescriptor->bSendRequest)
@@ -1558,7 +1558,7 @@
ip.utf8().data(),port.ptr(),
&(m_pDescriptor->szLocalFileSize),0x01);
}
- outputAndLog(__tr2qs_ctx("Sent DCC %1 request to %2, waiting for remote client to connect...","dcc").arg(szReq.ptr()).arg(m_pDescriptor->szNick));
+ outputAndLog(__tr2qs_ctx("Sent DCC %1 request to %2, waiting for remote client to connect...","dcc").arg(szReq.ptr(), m_pDescriptor->szNick));
} else {
outputAndLog(__tr2qs_ctx("DCC %1 request not sent, awaiting manual connection","dcc").arg(m_szDccType.ptr()));
}
@@ -1687,8 +1687,8 @@
void KviDccFileTransfer::connected()
{
- outputAndLog(__tr2qs_ctx("Connected to %1:%2","dcc").arg(m_pMarshal->remoteIp()).arg(m_pMarshal->remotePort()));
- outputAndLog(__tr2qs_ctx("Local end is %1:%2","dcc").arg(m_pMarshal->localIp()).arg(m_pMarshal->localPort()));
+ outputAndLog(__tr2qs_ctx("Connected to %1:%2","dcc").arg(m_pMarshal->remoteIp(), m_pMarshal->remotePort()));
+ outputAndLog(__tr2qs_ctx("Local end is %1:%2","dcc").arg(m_pMarshal->localIp(), m_pMarshal->localPort()));
m_tTransferStartTime = kvi_unixTime();
@@ -1769,7 +1769,7 @@
if(ret != KviError_success)handleMarshalError(ret);
else {
- m_szStatusString = __tr2qs_ctx("Contacting host %1 on port %2","dcc").arg(m_pDescriptor->szIp).arg(m_pDescriptor->szPort);
+ m_szStatusString = __tr2qs_ctx("Contacting host %1 on port %2","dcc").arg(m_pDescriptor->szIp, m_pDescriptor->szPort);
outputAndLog(m_szStatusString);
displayUpdate();
}
