Commit graph

22 commits

Author SHA1 Message Date
Michael Keller
6aca76c342 Import / Export: Remove Unsafe XML Handling Options.
Remove the options to expand entities and so continue when encountering invalid /
malformed XML, as both of these can be exploited by supplying
maliciously crafted XML.

Signed-off-by: Michael Keller <mikeller@042.ch>
2024-03-24 19:01:05 +01:00
Berthold Stoeger
bfbf4934dd core: enable compiler warngings for report_error and report_info
printf() is a horrible interface as it does no type checking.
Let's at least use the compiler to check format strings and
arguments. This obviously doesn't work for translated strings
and using report_error on translated strings is dubious. But OK.

Had to convert a number of report_error() calls to supress
warnings.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2024-03-12 10:31:07 -04:00
Michael Keller
5fae7ce7a0 Equipment: Include Unused Tanks in Merge if Preference is Enabled.
Include unused tanks in merges of multiple logs into a single dive if
the 'Show unused cylinders' preference is enabled.
Also rename the preference (in code) to `include_unused_tanks` to
reflect the fact that it is already used in more places than just the
display (exporting, cloning dives).
Simplified the cylinder model to make forced inclusion of unused tanks
dependent on use of the model in planner.
Leaving the persisted name of the preference as `display_unused_tanks`
to avoid resetting this for all users - is there a good way to migrate
preference names?

Signed-off-by: Michael Keller <github@ike.ch>
2023-07-25 11:19:03 +12:00
Dirk Hohndel
c41e2489a4 Qt6: update the connect calls for QNetworkReply
Because of the old connect syntax used the incorrect signal names weren't
caught at compile time. To switch to the new syntax we had to make two
functions pure virtual in the WebServices class - let's hope I got that right.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2022-04-18 07:24:39 +02:00
Berthold Stoeger
f9b9582a64 core: fold display.h into profile.h
The only things in display.h were profile related, so the
split between these two files is not comprehensible.
In fact profile.h includes display.h, because it needs the
struct defined therein. Let's just merge these two files.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2022-03-13 15:07:33 -07:00
Berthold Stoeger
5eda1c0e39 parser: XML_PARSE_RECOVER to xmlReadMemory()
Due to changes in the handling of sensor-ids, invalid XMLs were
generated. In particular, these contained duplicate attributes
in the sample tags.

Even though these files shouldn't exist, let's try to parse
them anyway. Some data will be lost, but that's better than
not opening the file.

libxml2 can be told to try to recover from such petty(?) errors
by passing the XML_PARSE_RECOVER flag.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2021-09-03 09:30:34 -07:00
Richard Fuchs
f308a6b57b export: clean up temp file after divelogs.de upload
This adds a cleanup function to be called after a divelogs.de upload
finishes (successful or not) to make sure the temporary zip file is
closed and removed.

Signed-off-by: Richard Fuchs <dfx@dfx.at>
2021-08-06 11:05:06 -07:00
Richard Fuchs
cf78e4cb20 export: use unique temporary file for divelogs.de upload
On multi-user systems with a shared directory for temporary files, using
a static file name can lead to permissions problems and subsequent
errors due to collisions. Use a random unique file name for each
generated file to avoid these problems.

Note: the temporary file generated from the divelogs.de upload is still
left behind after the upload finishes.

Signed-off-by: Richard Fuchs <dfx@dfx.at>
2021-08-03 08:34:18 -07:00
Berthold Stoeger
b18b3119b5 cleanup: don't NUL-terminate membuffer in uploadDiveLogsDE
The data of the membuffer is passed as a data/length pair
to xmlReadMemory(). There is no point in NUL-terminating it.

Moreover, pass the data directly to xmlReadMemory()
instead of via variables. These variables are reused
later with a different meaning, making this super-confusing.

The membuf variable is turned from "const char *" to "char *"
to signal that we own the buffer.

Amazingly, zip_source_buffer() frees the buffer, even though
a "const void *" is passed in. This API is pure madness. Add
a comment.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2021-07-23 11:22:43 -07:00
Berthold Stoeger
16b31985c3 cleanup: replace membuffer by membufferpp in C-code
Thus, the membuffer data is automatically freed when going
out of scope - one thing less to worry about.

This fixes one use-after-free bug in uploadDiveLogsDE.cpp
and one extremely questionable practice in divetooltipitem.cpp:
The membuffer was a shared instance across all instances
of the DiveToolTipItem.

Remves unnecessary #include directives in files that didn't
even use membuffer.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2021-07-23 11:22:43 -07:00
Miika Turkia
48c2929f48 Fix coverity reported memory leaks
Signed-off-by: Miika Turkia <miika.turkia@gmail.com>
2021-07-19 09:07:48 -07:00
Miika Turkia
63795a84f4 Export unused cylinders to divelogs.de
When user has selected to show unused cylinders in equipment tab,
respect this setting when exporting to divelogs.de.

Fixes #3277

Signed-off-by: Miika Turkia <miika.turkia@gmail.com>
2021-07-18 13:43:54 +03:00
Dirk Hohndel
24543a0099 core: fix incorrect changes in divelogs.de export
This is complete nonsense and should never have been merged.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-02-17 10:50:51 -08:00
Berthold Stoeger
8391d926c7 Cleanup: remove const bool parameters and return types
These just make no sense. Since the value is copied, it
has no meaning to the caller whether the function can
change the value (and vice versa for return types).

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2020-02-09 12:13:18 -08:00
jan Iversen
cb252f39d7 core: corrected timeout and error text problem in uploadDiveLogsDE
incorrectly stopped timer before the upload was started.

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
5a4128a8f2 core: add uploadStatus signal to uploadDiveLogsDE
The uploadStatus signal can be used to inform the user about
the process e.g.
- preparing zip file
- starting actual upload

It is a suplement to uploadProgress, that only informs about
the network part.

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
10ab833d7d core: make uploadDiveLogsDE slots workable for desktop
Secure that the slots/signals in uploadDiveLogsDE, which are without
UI, can be used in DivelogsDeWebServices (to add the UI part).

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
fa8acc0f40 core: rename slot in uploadDiveLogsDE
The difference between slot names and signal names was to insignificant
e.g. uploadFinish (signal) uploadFinished (slot).

Change slot names to slot_<name> should clear any confusion.

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
49e6330399 core: make shared prepareDives identical to desktop prepare_dives_for_divelogs
In order to replace DivelogsDeWebServices::prepare_dives_for_divelogs with
uploadDiveLogsDE::prepareDives, first step is to make the functions identical.

amount_selected is not maintained for mobile, add #ifdef SUBSURFACE_MOBILE

Add comment, to make code more readable

add white line to make code more readable

change to use variable ds (created a couple of lines earlier

Avoid "goto" by adding close code

Remove label and close code (it was only called in 1 place)

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
738d3057da core: correct QString arg problem
use report_error directly, instead of making a QString first,
argument syntax are different (%s vs. %1)

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
976b2fc2a7 core: add timeout.stop() if upload successful
Stop timeout not only in case of errors, but also in
positive case.

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00
jan Iversen
eb08f17a03 core: add upload divelogs.de class
The implementation is based on class DivelogsDeWebServices in
desktop-widgets but without the UI entanglement

Signed-off-by: Jan Iversen <jan@casacondor.com>
2019-12-11 12:36:43 -05:00