mcabber: mcabber/mcabber/commands.c comparison

Improve load_message_from_file() file content validation

author	Mikael Berthe <mikael@lilotux.net>
date	Thu, 11 May 2017 14:35:35 +0200
parents	def5f64c253d
children	a62bbd4d7061

comparison

equal deleted inserted replaced

-:0d5660c6b4aa
+:1cfe6df4f7e6
 {
 FILE *fd;
 struct stat buf;
 char *msgbuf, *msgbuf_utf8;
 char *p;
-char *next_utf8_char;
+gboolean valid;
 size_t len;
 fd = fopen(filename, "r");
 if (!fd || fstat(fileno(fd), &buf)) {
 msgbuf = g_new0(char, HBB_BLOCKSIZE);
 len = fread(msgbuf, 1, HBB_BLOCKSIZE-1, fd);
 fclose(fd);
-next_utf8_char = msgbuf;
 // Check there is no binary data.  It must be a *message* file!
-for (p = msgbuf ; *p ; p++) {
+valid = TRUE;
 if (utf8_mode) {
-if (p == next_utf8_char) {
+valid = g_utf8_validate(msgbuf, len, (const gchar **)&p);
-if (!iswprint(get_char(p)) && *p != '\n' && *p != '\t')
+} else { // Non-UTF8
+for (p = msgbuf ; *p; p++) {
+if (!utf8_mode) {
+unsigned char sc = *p;
+if (!iswprint(sc) && sc != '\n' && sc != '\t') {
+valid = FALSE;
 break;
-next_utf8_char = next_char(p);
+}
 }
-} else {
+}
-unsigned char sc = *p;
+}
-if (!iswprint(sc) && sc != '\n' && sc != '\t')
-break;
+if (valid && (*p || p != len+msgbuf)) {
-}
+valid = FALSE; // We're not at the End Of Line...
 }
+if (!valid) {
-if (*p || (size_t)(p-msgbuf) != len) { // We're not at the End Of Line...
+scr_LogPrint(LPRINT_LOGNORM, "Message file contains "
-scr_LogPrint(LPRINT_LOGNORM, "Message file contains "
+"invalid characters (%s)", filename);
-"invalid characters (%s)", filename);
+g_free(msgbuf);
-g_free(msgbuf);
+return NULL;
-return NULL;
 }
 // p is now at the EOL
 // Let's strip trailing newlines
 if (p > msgbuf)

Mercurial > ~mikael > mcabber > hg