diff --git a/src/ChangeLog b/src/ChangeLog index 7ad7c8ca..6dcaa279 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,10 @@ +2008-06-19 Xavier Saint + + * iri.c, iri.h : New function check_encoding_name() as + a priliminary encoding name check. + + * main.c, iri.c : Make use of check_encoding_name(). + 2008-06-19 Xavier Saint * iri.c : Include missing stringprep.h file and add a diff --git a/src/iri.c b/src/iri.c index b87e6ebe..fea7b150 100644 --- a/src/iri.c +++ b/src/iri.c @@ -64,6 +64,14 @@ parse_charset (char *str) /* sXXXav: could strdupdelim return NULL ? */ charset = strdupdelim (str, charset); + + /* Do a minimum check on the charset value */ + if (!check_encoding_name (charset)) + { + xfree (charset); + return NULL; + } + logprintf (LOG_VERBOSE, "parse_charset: %s\n", quote (charset)); return charset; @@ -79,3 +87,24 @@ find_locale (void) } +/* Basic check of an encoding name. */ +bool +check_encoding_name (char *encoding) +{ + char *s = encoding; + + while (*s) + { + if (!c_isascii(*s) || c_isspace(*s)) + { + logprintf (LOG_VERBOSE, "Encoding %s isn't valid\n", quote(encoding)); + return false; + } + + s++; + } + + return true; +} + + diff --git a/src/iri.h b/src/iri.h index eb344d9f..85a7fb7f 100644 --- a/src/iri.h +++ b/src/iri.h @@ -34,11 +34,13 @@ as that of the covered work. */ char *parse_charset (char *str); char *find_locale (void); +bool check_encoding_name (char *encoding); #else /* ENABLE_IRI */ -#define parse_charset(str) NULL -#define find_locale() NULL +#define parse_charset(str) NULL +#define find_locale() NULL +#define check_encoding_name(str) false #endif /* ENABLE_IRI */ #endif /* IRI_H */ diff --git a/src/main.c b/src/main.c index fc41153b..53ea6b91 100644 --- a/src/main.c +++ b/src/main.c @@ -1067,10 +1067,14 @@ for details.\n\n")); #ifdef ENABLE_IRI if (opt.enable_iri) { + if (opt.locale && !check_encoding_name(opt.locale)) + opt.locale = NULL; + if (!opt.locale) opt.locale = find_locale (); - /* sXXXav : check given locale and remote encoding */ + if (opt.encoding_remote && !check_encoding_name(opt.encoding_remote)) + opt.encoding_remote = NULL; logprintf (LOG_VERBOSE, "Locale = %s\n", quote (opt.locale)); }