luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-09-20 01:06:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Bug 623407 - g_keyfile_settings_backend_new crash

Browse Source 
The keyfile backend forms paths like this:

  prefix + group_name + '/' + keyname

If the prefix is '/apps/yelp/' and the group name is '/' then this means
that we end up with a key name of (for example):

  '/apps/yelp/' + '/' + '/' + 'font-adjustment'

= '/apps/yelp///font-adjustment'

which is obviously not a valid key name.

This patch rejects group names starting or ending with '/' or containing
'//' and also rejects keys containing '/'.  This should make it
impossible for invalid keys to be formed.
This commit is contained in:
Ryan Lortie 2010-07-02 11:35:43 -04:00
parent a941660873
commit a16128655f
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
gio/gkeyfilesettingsbackend.c
View File

@ -400,12 +400,23 @@ keyfile_to_tree (GKeyfileSettingsBackend *kfsb,
gint j;
is_root_group = g_strcmp0 (kfsb->root_group, groups[i]) == 0;
/* reject group names that will form invalid key names */
if (!is_root_group &&
(g_str_has_prefix (groups[i], "/") ||
g_str_has_suffix (groups[i], "/") || strstr (groups[i], "//")))
continue;
keys = g_key_file_get_keys (keyfile, groups[i], NULL, NULL);
for (j = 0; keys[j]; j++)
{
gchar *path, *value;
/* reject key names with slashes in them */
if (strchr (keys[j], '/'))
continue;
if (is_root_group)
path = g_strdup_printf ("%s%s", kfsb->prefix, keys[j]);
else