[Commits] [SCM] claws branch, master, updated. 3.17.8-82-gac286a71e
paul at claws-mail.org
paul at claws-mail.org
Sun May 23 13:17:05 CEST 2021
The branch, master has been updated
via ac286a71ed78429e16c612161251b9ea90ccd431 (commit)
from a4a629ce824011f5ae3f0b8cb1117f9608b7f5ad (commit)
Summary of changes:
src/textview.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
- Log -----------------------------------------------------------------
commit ac286a71ed78429e16c612161251b9ea90ccd431
Author: Paul <paul at claws-mail.org>
Date: Sun May 23 12:16:40 2021 +0100
harden link checker before accepting click
diff --git a/src/textview.c b/src/textview.c
index 62ad46eaf..3cdf5d911 100644
--- a/src/textview.c
+++ b/src/textview.c
@@ -2885,7 +2885,7 @@ gboolean textview_uri_security_check(TextView *textview, ClickableText *uri)
gboolean retval = TRUE;
if (is_uri_string(uri->uri) == FALSE)
- return TRUE;
+ return FALSE;
visible_str = textview_get_visible_uri(textview, uri);
if (visible_str == NULL)
@@ -2922,6 +2922,8 @@ gboolean textview_uri_security_check(TextView *textview, ClickableText *uri)
if (aval == G_ALERTALTERNATE)
retval = TRUE;
}
+ if (strlen(uri->uri) > get_uri_len(uri->uri))
+ retval = FALSE;
g_free(visible_str);
-----------------------------------------------------------------------
hooks/post-receive
--
Claws Mail
More information about the Commits
mailing list