[rygel] media-export: Add some checks for user-provided virtual ids
- From: Zeeshan Ali Khattak <zeeshanak src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [rygel] media-export: Add some checks for user-provided virtual ids
- Date: Mon, 22 Mar 2010 17:07:41 +0000 (UTC)
commit df15a59857ff2c830c93f701a37aa1c49a8c56ff
Author: Jens Georg <mail jensge org>
Date: Sun Mar 14 12:13:52 2010 +0100
media-export: Add some checks for user-provided virtual ids
.../rygel-media-export-query-container.vala | 37 ++++++++++++++++++++
.../rygel-media-export-root-container.vala | 7 ++++
2 files changed, 44 insertions(+), 0 deletions(-)
---
diff --git a/src/plugins/media-export/rygel-media-export-query-container.vala b/src/plugins/media-export/rygel-media-export-query-container.vala
index 2a77105..0329abb 100644
--- a/src/plugins/media-export/rygel-media-export-query-container.vala
+++ b/src/plugins/media-export/rygel-media-export-query-container.vala
@@ -29,6 +29,43 @@ internal class Rygel.MediaExportQueryContainer : Rygel.MediaDBContainer {
public string plaintext_id;
private string pattern = "";
+ /**
+ * Simple check for validity of user-supplied virtual folder id
+ *
+ * @param id to check
+ * @return true, if id passes, false otherwise
+ */
+ public static bool validate_virtual_id (string id) {
+ if (! id.has_prefix (PREFIX)) {
+
+ return false;
+ }
+
+ var args = id.split(",");
+
+ if ((args.length % 2) != 0) {
+ warning ("Id does not contain pairs");
+
+ return false;
+ }
+
+ for (int i = 0; i < args.length; i += 2) {
+ if (args[i] == "" || args[i + 1] == "") {
+ warning ("Empty part not allowed in virtual id");
+
+ return false;
+ }
+
+ if (args[i] == "?") {
+ warning ("Placeholder can only be on second place");
+
+ return false;
+ }
+ }
+
+ return true;
+ }
+
public MediaExportQueryContainer (MediaDB media_db,
string id,
string name) {
diff --git a/src/plugins/media-export/rygel-media-export-root-container.vala b/src/plugins/media-export/rygel-media-export-root-container.vala
index 19719fd..12c0d68 100644
--- a/src/plugins/media-export/rygel-media-export-root-container.vala
+++ b/src/plugins/media-export/rygel-media-export-root-container.vala
@@ -289,6 +289,13 @@ public class Rygel.MediaExportRootContainer : Rygel.MediaDBContainer {
foreach (var container in virtual_containers) {
var info = container.split ("=");
var id = MediaExportQueryContainer.PREFIX + info[1];
+ if (!MediaExportQueryContainer.validate_virtual_id (id)) {
+ warning ("%s is not a valid virtual id", id);
+
+ continue;
+ }
+ id = MediaExportQueryContainer.register_id (id);
+
var virtual_container = new MediaExportQueryContainer (
this.media_db,
id,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]