Complete.Org: Mailing Lists: Archives: freeciv-dev: July 2005:
[Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames

[Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]

Subject:	[Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames
From:	"Per I. Mathisen" <per@xxxxxxxxxxx>
Date:	Tue, 12 Jul 2005 15:10:54 -0700
Reply-to:	bugs@xxxxxxxxxxx

<URL: http://bugs.freeciv.org/Ticket/Display.html?id=13463 >

Jason suggsted that '.' should be banned too, and I agreed with him, so
here is yet another patch.

  - Per

Index: utility/shared.c
===================================================================
RCS file: /home/freeciv/CVS/freeciv/utility/shared.c,v
retrieving revision 1.133
diff -u -r1.133 shared.c
--- utility/shared.c    15 Jun 2005 20:23:00 -0000      1.133
+++ utility/shared.c    12 Jul 2005 22:09:00 -0000
@@ -378,6 +378,33 @@
 }
 
 /***************************************************************
+  Check if name is safe security-wise.
+***************************************************************/
+bool is_safe_name(const char *name)
+{
+  int i;
+
+  /* must not be NULL or empty */
+  if (!name || *name == '\0') {
+    return FALSE; 
+  }
+
+  /* Accept only alphanumerics and -._ */
+  for (i = 0; name[i]; i++) {
+    if (!((name[i] <= 'z' && name[i] >= 'a')
+          || (name[i] <= 'Z' && name[i] >= 'A')
+          || (name[i] <= '9' && name[i] >= '0')
+          || name[i] == '-'
+          || name[i] == '_')) {
+      return FALSE;
+    }
+  }
+
+  /* Otherwise, it is okay... */
+  return TRUE;
+}
+
+/***************************************************************
   This is used in sundry places to make sure that names of cities,
   players etc. do not contain yucky characters of various sorts.
   Returns TRUE iff the name is acceptable.
Index: utility/shared.h
===================================================================
RCS file: /home/freeciv/CVS/freeciv/utility/shared.h,v
retrieving revision 1.145
diff -u -r1.145 shared.h
--- utility/shared.h    11 May 2005 08:03:27 -0000      1.145
+++ utility/shared.h    12 Jul 2005 22:09:01 -0000
@@ -184,6 +184,7 @@
 const char *int_to_text(unsigned int number);
 
 bool is_ascii_name(const char *name);
+bool is_safe_name(const char *name);
 const char *textyear(int year);
 int compare_strings(const void *first, const void *second);
 int compare_strings_ptrs(const void *first, const void *second);

[Prev in Thread]

Current Thread

[Next in Thread]

[Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames, Raimar Falke, 2005/07/12
- [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames, Per I. Mathisen, 2005/07/12
  - [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames, Per I. Mathisen <=
    - [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames, Benoit Hudson, 2005/07/12
    - [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames, Raimar Falke, 2005/07/13
    - [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames, Jason Short, 2005/07/14

Prev by Date: [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames
Next by Date: [Freeciv-Dev] (PR#13262) include pubserver jobs v5
Previous by thread: [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames
Next by thread: [Freeciv-Dev] Re: (PR#13463) New function to eval safety of filenames
Index(es):
- Date
- Thread