changeset 2315:1cfe6df4f7e6

Improve load_message_from_file() file content validation
author Mikael Berthe <mikael@lilotux.net>
date Thu, 11 May 2017 14:35:35 +0200
parents 0d5660c6b4aa
children 90b3e9876641
files mcabber/mcabber/commands.c
diffstat 1 files changed, 19 insertions(+), 17 deletions(-) [+]
line wrap: on
line diff
--- a/mcabber/mcabber/commands.c	Thu May 11 14:32:24 2017 +0200
+++ b/mcabber/mcabber/commands.c	Thu May 11 14:35:35 2017 +0200
@@ -1543,7 +1543,7 @@
   struct stat buf;
   char *msgbuf, *msgbuf_utf8;
   char *p;
-  char *next_utf8_char;
+  gboolean valid;
   size_t len;
 
   fd = fopen(filename, "r");
@@ -1565,28 +1565,30 @@
   len = fread(msgbuf, 1, HBB_BLOCKSIZE-1, fd);
   fclose(fd);
 
-  next_utf8_char = msgbuf;
-
   // Check there is no binary data.  It must be a *message* file!
-  for (p = msgbuf ; *p ; p++) {
-    if (utf8_mode) {
-      if (p == next_utf8_char) {
-        if (!iswprint(get_char(p)) && *p != '\n' && *p != '\t')
+  valid = TRUE;
+  if (utf8_mode) {
+    valid = g_utf8_validate(msgbuf, len, (const gchar **)&p);
+  } else { // Non-UTF8
+    for (p = msgbuf ; *p; p++) {
+      if (!utf8_mode) {
+        unsigned char sc = *p;
+        if (!iswprint(sc) && sc != '\n' && sc != '\t') {
+          valid = FALSE;
           break;
-        next_utf8_char = next_char(p);
+        }
       }
-    } else {
-      unsigned char sc = *p;
-      if (!iswprint(sc) && sc != '\n' && sc != '\t')
-        break;
     }
   }
 
-  if (*p || (size_t)(p-msgbuf) != len) { // We're not at the End Of Line...
-    scr_LogPrint(LPRINT_LOGNORM, "Message file contains "
-                 "invalid characters (%s)", filename);
-    g_free(msgbuf);
-    return NULL;
+  if (valid && (*p || p != len+msgbuf)) {
+    valid = FALSE; // We're not at the End Of Line...
+  }
+  if (!valid) {
+      scr_LogPrint(LPRINT_LOGNORM, "Message file contains "
+                   "invalid characters (%s)", filename);
+      g_free(msgbuf);
+      return NULL;
   }
 
   // p is now at the EOL