From ca848e5756dfd0a983f19c6ea6e6a78ad01ed7ee Mon Sep 17 00:00:00 2001 From: Ettore Perazzoli Date: Thu, 15 May 2003 18:19:16 +0000 Subject: Protect against the component name having slashes in it. * e-shell.c (parse_default_uri): Protect against the component name having slashes in it. * e-shell-view.c (display_uri): Protect against invalid "default:" URIs. [#43079] svn path=/trunk/; revision=21194 --- shell/ChangeLog | 8 ++++++++ shell/e-shell-view.c | 7 ++++++- shell/e-shell.c | 5 +++++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/shell/ChangeLog b/shell/ChangeLog index d48f6c08af..3025670980 100644 --- a/shell/ChangeLog +++ b/shell/ChangeLog @@ -1,3 +1,11 @@ +2003-05-15 Ettore Perazzoli + + * e-shell.c (parse_default_uri): Protect against the component + name having slashes in it. + + * e-shell-view.c (display_uri): Protect against invalid "default:" + URIs. [#43079] + 2003-05-15 Rodrigo Moya * main.c: #ifdef'ed wombat killing code, depending on whether diff --git a/shell/e-shell-view.c b/shell/e-shell-view.c index ccbcffa5ce..ba94aa0ed3 100644 --- a/shell/e-shell-view.c +++ b/shell/e-shell-view.c @@ -2448,7 +2448,7 @@ display_uri (EShellView *shell_view, View *view; gboolean retval; const char *view_info; - char *real_uri; + char *real_uri = NULL; char *allocated_uri = NULL; priv = shell_view->priv; @@ -2476,6 +2476,11 @@ display_uri (EShellView *shell_view, if (strncmp (uri, E_SHELL_DEFAULTURI_PREFIX, E_SHELL_DEFAULTURI_PREFIX_LEN) == 0) { allocated_uri = evolution_uri_for_default_uri (e_shell_view_get_shell (shell_view), uri); + if (allocated_uri == NULL) { + retval = FALSE; + goto end; + } + uri = allocated_uri; } diff --git a/shell/e-shell.c b/shell/e-shell.c index 8b081c2052..5dbf9f8666 100644 --- a/shell/e-shell.c +++ b/shell/e-shell.c @@ -2167,6 +2167,11 @@ parse_default_uri (EShell *shell, else component = g_strndup (component_start, p - component_start); + if (strchr (component, '/') != NULL) { + g_free (component); + return FALSE; + } + client = gconf_client_get_default (); config_path = g_strdup_printf ("/apps/evolution/shell/default_folders/%s_path", component); -- cgit