aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristian Persch <chpe@cvs.gnome.org>2005-02-27 21:14:39 +0800
committerChristian Persch <chpe@src.gnome.org>2005-02-27 21:14:39 +0800
commitdbe82af48107b7ed00e21257507dc4e81ce1600c (patch)
tree116f0b0d71e5d5c05b67d0a838c3f67fc1b58249
parent6a524f7dfb9b8e4d4f3c4f0c0ef6bd1ce062b504 (diff)
downloadgsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.tar
gsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.tar.gz
gsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.tar.bz2
gsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.tar.lz
gsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.tar.xz
gsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.tar.zst
gsoc2013-epiphany-dbe82af48107b7ed00e21257507dc4e81ce1600c.zip
Check the favicon file type and only allow ico, gif & png. Fixes bug
2005-02-27 Christian Persch <chpe@cvs.gnome.org> * embed/ephy-favicon-cache.c: (ephy_favicon_cache_get): Check the favicon file type and only allow ico, gif & png. Fixes bug #163886.
-rw-r--r--ChangeLog7
-rw-r--r--embed/ephy-favicon-cache.c48
2 files changed, 54 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index b48c749b5..ac7b2ae7a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2005-02-27 Christian Persch <chpe@cvs.gnome.org>
+
+ * embed/ephy-favicon-cache.c: (ephy_favicon_cache_get):
+
+ Check the favicon file type and only allow ico, gif & png.
+ Fixes bug #163886.
+
2005-02-26 Christian Persch <chpe@cvs.gnome.org>
* embed/mozilla/mozilla-embed-single.cpp:
diff --git a/embed/ephy-favicon-cache.c b/embed/ephy-favicon-cache.c
index 7012191e0..6d7269a48 100644
--- a/embed/ephy-favicon-cache.c
+++ b/embed/ephy-favicon-cache.c
@@ -68,7 +68,8 @@ enum
EPHY_NODE_FAVICON_PROP_URL = 2,
EPHY_NODE_FAVICON_PROP_FILENAME = 3,
EPHY_NODE_FAVICON_PROP_LAST_USED = 4,
- EPHY_NODE_FAVICON_PROP_STATE = 5
+ EPHY_NODE_FAVICON_PROP_STATE = 5,
+ EPHY_NODE_FAVICON_PROP_CHECKED = 6
};
static guint signals[LAST_SIGNAL] = { 0 };
@@ -404,6 +405,7 @@ ephy_favicon_cache_get (EphyFaviconCache *cache,
GValue value = { 0, };
char *pix_file;
GdkPixbuf *pixbuf;
+ gboolean valid = FALSE;
if (url == NULL) return NULL;
@@ -458,6 +460,50 @@ ephy_favicon_cache_get (EphyFaviconCache *cache,
ephy_node_get_property_string (icon, EPHY_NODE_FAVICON_PROP_FILENAME),
NULL);
+ /* Check for supported icon types */
+ if (ephy_node_get_property (icon, EPHY_NODE_FAVICON_PROP_CHECKED, &value))
+ {
+ valid = g_value_get_boolean (&value);
+ g_value_unset (&value);
+ }
+ else
+ {
+ GnomeVFSFileInfo *info;
+
+ /* Sniff mime type and check if it's safe to open */
+ info = gnome_vfs_file_info_new ();
+ if (gnome_vfs_get_file_info (pix_file, info,
+ GNOME_VFS_FILE_INFO_GET_MIME_TYPE |
+ GNOME_VFS_FILE_INFO_FORCE_SLOW_MIME_TYPE) == GNOME_VFS_OK &&
+ (info->valid_fields & GNOME_VFS_FILE_INFO_FIELDS_MIME_TYPE) &&
+ info->mime_type != NULL)
+ {
+ valid = strcmp (info->mime_type, "image/x-ico") == 0 ||
+ strcmp (info->mime_type, "image/png") == 0 ||
+ strcmp (info->mime_type, "image/gif") == 0;
+ }
+ gnome_vfs_file_info_unref (info);
+
+ g_value_init (&value, G_TYPE_BOOLEAN);
+ g_value_set_boolean (&value, valid);
+ ephy_node_set_property (icon, EPHY_NODE_FAVICON_PROP_CHECKED, &value);
+ g_value_unset (&value);
+
+ /* remove invalid files from cache */
+ if (valid == FALSE)
+ {
+ gnome_vfs_unlink (pix_file);
+ }
+
+ LOG ("%s icon file %s", valid ? "Validated" : "Invalidated", pix_file);
+ }
+
+ if (valid == FALSE)
+ {
+ g_free (pix_file);
+ return NULL;
+ }
+
LOG ("Create pixbuf for %s", pix_file);
pixbuf = gdk_pixbuf_new_from_file (pix_file, NULL);