diff options
author | Dylan Simon <dylan@dylex.net> | 2011-09-11 22:19:55 -0400 |
---|---|---|
committer | Dylan Simon <dylan@dylex.net> | 2011-09-11 22:19:55 -0400 |
commit | 23dbcac12ebfd4391132dd27e646fcf892108502 (patch) | |
tree | 48aa130f58cef323016bcafa83da5caeeda71e4c /src | |
parent | d2b8f3353d6dcec90a77a89861d69f95f9d3e2fa (diff) |
Fix some quoting woes
- Avoid buffer overrun in split_quoted with trailing backslash (!)
- Properly quote COMMAND_EXECUTED arguments
- Remove unused and misleading parse_command function
Diffstat (limited to 'src')
-rw-r--r-- | src/io.c | 1 | ||||
-rw-r--r-- | src/uzbl-core.c | 30 |
2 files changed, 8 insertions, 23 deletions
@@ -129,6 +129,7 @@ control_stdin(GIOChannel *gio, GIOCondition condition) { parse_cmd_line(ctl_line, result); g_free(ctl_line); + if (*result->str) puts(result->str); g_string_free(result, TRUE); diff --git a/src/uzbl-core.c b/src/uzbl-core.c index 4d4868f..1e3bed3 100644 --- a/src/uzbl-core.c +++ b/src/uzbl-core.c @@ -527,8 +527,8 @@ split_quoted(const gchar* src, const gboolean unquote) { gchar **ret; gchar *dup; for (p = src; *p != '\0'; p++) { - if ((*p == '\\') && unquote) g_string_append_c(s, *++p); - else if (*p == '\\') { g_string_append_c(s, *p++); + if ((*p == '\\') && unquote && p[1]) g_string_append_c(s, *++p); + else if (*p == '\\' && p[1]) { g_string_append_c(s, *p++); g_string_append_c(s, *p); } else if ((*p == '"') && unquote && !sq) dq = !dq; else if (*p == '"' && !sq) { g_string_append_c(s, *p); @@ -617,12 +617,14 @@ run_parsed_command(const CommandInfo *c, GArray *a, GString *result) { if(strcmp("set", c->key) && strcmp("event", c->key) && strcmp("request", c->key)) { - // FIXME, build string inside send_event GString *param = g_string_new(""); const gchar *p; guint i = 0; - while ((p = argv_idx(a, i++))) - g_string_append_printf(param, " '%s'", p); + while ((p = argv_idx(a, i++))) { + g_string_append (param, " '"); + append_escaped (param, p); + g_string_append_c (param, '\''); + } /* might be destructive on array a */ c->function(uzbl.gui.web_view, a, result); @@ -694,24 +696,6 @@ parse_command_parts(const gchar *line, GArray *a) { return c; } -void -parse_command(const char *cmd, const char *params, GString *result) { - CommandInfo *c = g_hash_table_lookup(uzbl.behave.commands, cmd); - if(c) { - GArray *a = g_array_new (TRUE, FALSE, sizeof(gchar*)); - - parse_command_arguments(params, a, c->no_split); - run_parsed_command(c, a, result); - - g_array_free (a, TRUE); - } else { - send_event(COMMAND_ERROR, NULL, - TYPE_NAME, cmd, - TYPE_STR, params ? params : "", - NULL); - } -} - gboolean valid_name(const gchar* name) { char *invalid_chars = "\t^°!\"§$%&/()=?'`'+~*'#-:,;@<>| \\{}[]¹²³¼½"; |