From eb9157702c022a8a5b73127a36676a52b4b29984 Mon Sep 17 00:00:00 2001
From: rswindell <>
Date: Sun, 23 Jun 2002 09:51:14 +0000
Subject: [PATCH] Fixed the following methods (were corrupting passed string
 buffer): ascii_str(), strip_ctrl(), strip_exascii(), and truncps().

---
 src/sbbs3/js_global.c | 40 ++++++++++++++++++++++++++++++++++++----
 1 file changed, 36 insertions(+), 4 deletions(-)

diff --git a/src/sbbs3/js_global.c b/src/sbbs3/js_global.c
index fbf5655150..52aacbdae3 100644
--- a/src/sbbs3/js_global.c
+++ b/src/sbbs3/js_global.c
@@ -277,21 +277,38 @@ js_ascii(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
 	return(JS_TRUE);
 }
 
+static char* dupestr(char* str)
+{
+	char* p;
+
+	p = (char*)malloc(strlen(str)+1);
+
+	if(p == NULL)
+		return(NULL);
+
+	return(strcpy(p,str));
+}
+
 static JSBool
 js_ascii_str(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
 {
 	char*		p;
+	char*		str;
 	JSString*	js_str;
 
 	if((js_str=JS_ValueToString(cx, argv[0]))==NULL) 
 		return(JS_FALSE);
 
-	if((p=JS_GetStringBytes(js_str))==NULL) 
+	if((str=JS_GetStringBytes(js_str))==NULL) 
+		return(JS_FALSE);
+
+	if((p=dupestr(str))==NULL)
 		return(JS_FALSE);
 
 	ascii_str(p);
 
 	js_str = JS_NewStringCopyZ(cx, p);
+	free(p);
 	*rval = STRING_TO_JSVAL(js_str);
 	return(JS_TRUE);
 }
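Review bot: The result of `JS_NewStringCopyZ(cx, p)` in js_ascii_str goes straight into `STRING_TO_JSVAL` without a NULL check, so an allocation failure inside the engine would return JS_TRUE with a jsval built from a null pointer. The patch already handles failure of its own `dupestr()` allocation, and the same treatment fits here: after `free(p);` add `if(js_str==NULL) return(JS_FALSE);`. The identical sequence appears in js_strip_ctrl, js_strip_exascii and js_truncsp in the later hunks. Separately, `dupestr` never writes through its argument, so declaring it `const char* str` and adding a one-line comment that the caller must free() the result would document the ownership the four callers now rely on.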
@@ -301,17 +318,22 @@ static JSBool
 js_strip_ctrl(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
 {
 	char*		p;
+	char*		str;
 	JSString*	js_str;
 
 	if((js_str=JS_ValueToString(cx, argv[0]))==NULL) 
 		return(JS_FALSE);
 
-	if((p=JS_GetStringBytes(js_str))==NULL) 
+	if((str=JS_GetStringBytes(js_str))==NULL) 
+		return(JS_FALSE);
+
+	if((p=dupestr(str))==NULL)
 		return(JS_FALSE);
 
 	strip_ctrl(p);
 
 	js_str = JS_NewStringCopyZ(cx, p);
+	free(p);
 	*rval = STRING_TO_JSVAL(js_str);
 	return(JS_TRUE);
 }
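Review bot: When `dupestr(str)` fails in js_strip_ctrl, the new branch returns JS_FALSE without reporting anything on `cx`. As far as I recall the SpiderMonkey native convention, that aborts the script with no pending exception and no diagnostic. Adding `JS_ReportOutOfMemory(cx);` before `return(JS_FALSE);` on that branch would send the failure to the error reporter instead of stopping the script silently. The same unreported branch is added in js_ascii_str, js_strip_exascii and js_truncsp.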
@@ -320,17 +342,22 @@ static JSBool
 js_strip_exascii(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
 {
 	char*		p;
+	char*		str;
 	JSString*	js_str;
 
 	if((js_str=JS_ValueToString(cx, argv[0]))==NULL) 
 		return(JS_FALSE);
 
-	if((p=JS_GetStringBytes(js_str))==NULL) 
+	if((str=JS_GetStringBytes(js_str))==NULL) 
+		return(JS_FALSE);
+
+	if((p=dupestr(str))==NULL)
 		return(JS_FALSE);
 
 	strip_exascii(p);
 
 	js_str = JS_NewStringCopyZ(cx, p);
+	free(p);
 	*rval = STRING_TO_JSVAL(js_str);
 	return(JS_TRUE);
 }
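Review bot: `argv[0]` in js_strip_exascii is read without consulting `argc`, and the buffer now copied by `dupestr()` derives from whatever that slot holds. This is safe only if the function-table entry for this native declares at least one argument, so that the engine pads `argv`. That table is outside the hunk, so it is worth confirming. If it is not guaranteed, a guard such as `if(argc<1) return(JS_FALSE);` at the top of the function would be needed here and in the three sibling wrappers touched by this patch.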
@@ -339,17 +366,22 @@ static JSBool
 js_truncsp(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
 {
 	char*		p;
+	char*		str;
 	JSString*	js_str;
 
 	if((js_str=JS_ValueToString(cx, argv[0]))==NULL) 
 		return(JS_FALSE);
 
-	if((p=JS_GetStringBytes(js_str))==NULL) 
+	if((str=JS_GetStringBytes(js_str))==NULL) 
+		return(JS_FALSE);
+
+	if((p=dupestr(str))==NULL)
 		return(JS_FALSE);
 
 	truncsp(p);
 
 	js_str = JS_NewStringCopyZ(cx, p);
+	free(p);
 	*rval = STRING_TO_JSVAL(js_str);
 	return(JS_TRUE);
 }
-- 
GitLab