[Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
Subject: |
[Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames |
From: |
"Per I. Mathisen" <per@xxxxxxxxxxx> |
Date: |
Tue, 12 Jul 2005 14:14:13 -0700 |
Reply-to: |
bugs@xxxxxxxxxxx |
<URL: http://bugs.freeciv.org/Ticket/Display.html?id=13463 >
On Tue, 12 Jul 2005, Raimar Falke wrote:
> What is the point if we forbid spaces anyway below?
Uh, good question.
> Alternative would be something like:
>
> if(strchr(".-_0123456789abc...zABC...Z", name[i])==NULL) {return FALSE;}
That would be a very long string. I prefer the long if.
New patch attached.
- Per
Index: utility/shared.c
===================================================================
RCS file: /home/freeciv/CVS/freeciv/utility/shared.c,v
retrieving revision 1.133
diff -u -r1.133 shared.c
--- utility/shared.c 15 Jun 2005 20:23:00 -0000 1.133
+++ utility/shared.c 12 Jul 2005 21:12:54 -0000
@@ -378,6 +378,34 @@
}
/***************************************************************
+ Check if name is safe security-wise.
+***************************************************************/
+bool is_safe_name(const char *name)
+{
+ int i;
+
+ /* must not be NULL or empty */
+ if (!name || *name == '\0') {
+ return FALSE;
+ }
+
+ /* Accept only alphanumerics and -._ */
+ for (i = 0; name[i]; i++) {
+ if (!((name[i] <= 'z' && name[i] >= 'a')
+ || (name[i] <= 'Z' && name[i] >= 'A')
+ || (name[i] <= '9' && name[i] >= '0')
+ || name[i] == '.'
+ || name[i] == '-'
+ || name[i] == '_')) {
+ return FALSE;
+ }
+ }
+
+ /* Otherwise, it is okay... */
+ return TRUE;
+}
+
+/***************************************************************
This is used in sundry places to make sure that names of cities,
players etc. do not contain yucky characters of various sorts.
Returns TRUE iff the name is acceptable.
Index: utility/shared.h
===================================================================
RCS file: /home/freeciv/CVS/freeciv/utility/shared.h,v
retrieving revision 1.145
diff -u -r1.145 shared.h
--- utility/shared.h 11 May 2005 08:03:27 -0000 1.145
+++ utility/shared.h 12 Jul 2005 21:12:55 -0000
@@ -184,6 +184,7 @@
const char *int_to_text(unsigned int number);
bool is_ascii_name(const char *name);
+bool is_safe_name(const char *name);
const char *textyear(int year);
int compare_strings(const void *first, const void *second);
int compare_strings_ptrs(const void *first, const void *second);
|
|