From: Mario Rugiero <mrugi...@gmail.com>
In cases where a parameter is passed to an URI search but
the corresponding value is missing, libfm users (PCManFM)
would crash or worse due to assuming value to be valid.
Since all of the params depend on this value, the reasonable
fix seems to be an early break or continue.
---
src/modules/vfs-search.c | 36 +++++++++++++++++++++++++-----------
1 file changed, 25 insertions(+), 11 deletions(-)
diff --git a/src/modules/vfs-search.c b/src/modules/vfs-search.c
index 57a375c..64344f2 100644
--- a/src/modules/vfs-search.c
+++ b/src/modules/vfs-search.c
@@ -464,21 +464,35 @@ static void parse_search_uri(FmVfsSearchEnumerator* priv,
const char* uri_str)
char* value = strchr(params, '=');
char* sep = strchr(params, '&');
- if (value && (sep == NULL || value < sep))
+ /* If there's no value, the whole param is crippled.
+ * At the very least, that's the case for how currently
+ * supported params work.
+ */
+ if (value == NULL && sep == NULL)
{
- name = g_strndup(params, value - params);
- if (sep)
- value = g_uri_unescape_segment(value+1, sep, NULL);
- else
- value = g_uri_unescape_string(value+1, NULL);
+ /* sep == NULL means this is the last parameter. */
+ break;
}
- else if (sep)
+ else if (value == NULL)
{
- name = g_strndup(params, sep - params);
- value = NULL;
+ /* No value, but still more params later. */
+ params = sep + 1;
+ continue;
+ }
+ else if (value >= sep)
+ {
+ /* We found a value, but it's for a later param, as it's
+ * after the next sep.
+ */
+ params = sep + 1;
+ continue;
}
- else /* value == NULL && sep == NULL */
- name = g_strdup(params);
+
+ name = g_strndup(params, value - params);
+ if (sep)
+ value = g_uri_unescape_segment(value+1, sep, NULL);
+ else
+ value = g_uri_unescape_string(value+1, NULL);
/* g_printf("parameter name/value: %s = %s\n", name, value); */
--
2.17.1
_______________________________________________
Lxde-list mailing list
Lxde-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxde-list
