anntp

a nntp implementation in pure C99
Log | Files | Refs | README | LICENSE
commit a8b49a567e3bebd34b5002f901d1385a89c23dcb
parent 302f0dcae80db81929d2c07275e67099769188b6
Author: Mario Rosell R. Martinez <mario@mariorosell.es>
Date:   Sun, 22 Mar 2026 18:31:49 +0100

sec, buf, audit, tests: Huge audit and bug audit, and fix tests

Diffstat:

Manntp.h | 21++++++++++++++++-----


Mtests/test.c | 16----------------


2 files changed, 16 insertions(+), 21 deletions(-)

diff --git a/anntp.h b/anntp.h
@@ -54,6 +54,7 @@
 #define ANNTP_H
 
 #include <arpa/inet.h>   /* for inet_ntoa, inet_ntop */
+#include <errno.h>       /* for errno */
 #include <netdb.h>       /* for gethostbyname, struct hostent */
 #include <netinet/in.h>  /* for struct in_addr */
 #include <stddef.h>      /* for size_t */
@@ -269,17 +270,21 @@ anntp_mkconn(const char* host, const char* port, Bool tls)
 		if (!ctx) goto cleanup_addr;
 
 		cv->ssl = SSL_new(ctx);
-		if (!cv->ssl) goto cleanup_addr;
+		if (!cv->ssl) {
+			SSL_CTX_free(ctx); goto cleanup_addr;
+		}
 
 		SSL_set_fd(cv->ssl, cv->fd);
 		if (SSL_connect(cv->ssl) <= 0) {
 			SSL_free(cv->ssl);
 			cv->ssl = NULL;
+			SSL_CTX_free(ctx);
 			goto cleanup_addr;
 		}
 
 		SSL_CTX_free(ctx);
 	}
+
 #endif
 
 	cv->state = ANS_READY;
@@ -338,10 +343,14 @@ anntp_group(AnntpConnection* cv, const char* group, AnntpGroup* out)
 	char name[128];
 
 	/* validate */
-	sscanf(line, "211 %d %d %d %127s", &count, &first, &last, name);
-	strncpy(name, group, sizeof(name)-1);
+	int parsed = sscanf(line, "211 %d %d %d %127s", &count, &first, &last, name);
+	if (parsed < 4) {
+		return ANE_PROTO;
+	}
 
 	out->name = ANNTP_STRDUP(name);
+	if (!out->name)
+		return ANNTPE(ANE_IO);
 	out->first = (AnntpArticleNumber)first;
 	out->last = (AnntpArticleNumber)last;
 	out->mode = mode;
@@ -443,8 +452,9 @@ anntp_readdot(AnntpConnection* cv, char* buf, size_t maxlen)
 {
 	if (!cv || !buf) return -1;
 
-	size_t pos = 0;
 	char* line = (char*)ANNTP_MALLOC(ANNTP_BUFSIZE);
+	if (!line) return ANNTPE(ANE_IO);
+	size_t pos = 0;
 	ssize_t n;
 
 	for (;;) {
@@ -470,7 +480,8 @@ anntp_readdot(AnntpConnection* cv, char* buf, size_t maxlen)
 	}
 
 	ANNTP_FREE(line);
-	buf[pos] = '\0';
+	if (pos < maxlen) buf[pos] = '\0';
+	else buf[maxlen - 1] = '\0'; /* null terminate */
 	return (ssize_t)pos;
 }
 
diff --git a/tests/test.c b/tests/test.c
@@ -94,22 +94,6 @@ test_auth(void)
 	anntp_freeconn(c);
 }
 
-void
-test_group(void)
-{
-	AnntpConnection* c = anntp_mkconn("news.eternal-september.org", "119", false);
-	require(c != NULL, "connection for GROUP test");
-
-	char line[256];
-	anntp_readline(c, line, sizeof(line));
-
-	AnntpGroup g;
-	int err = anntp_group(c, "eternal-september.talk", &g);
-	require(err == ANE_OK, "groups");
-
-	anntp_freeconn(c);
-}
-
 static int
 count_cb(const char* line, void* extra)
 {