Make form code safe against unnamed password/username elements

author: Benjamin Otte <otte@gnome.org> 2009-12-18 18:16:03 +0800
committer: Benjamin Otte <otte@gnome.org> 2009-12-18 21:21:00 +0800
commit: 6f69c3f879cc880d53dfb85081aef8462c3fad36 (patch)
tree: a3665bc6a56b49fe6ef0a93a3674b7d04223e108 /embed
parent: b6102135d673197eecdc6497d6153d00f6b75301 (diff)
download: gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar
gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.gz
gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.bz2
gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.lz
gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.xz
gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.zst
gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 2935ed2ad..c95539c96 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -1065,6 +1065,11 @@ form_submitted_cb (JSContextRef js_context,
 
   name_field_name = js_get_element_attribute (js_context, name_element, "name");
   password_field_name = js_get_element_attribute (js_context, password_element, "name");
+  if (!name_field_name || !password_field_name) {
+    g_free (name_field_name);
+    g_free (password_field_name);
+    return JSValueMakeUndefined (js_context);
+  }
 
   js_string = JSStringCreateWithUTF8CString ("value");
   js_value = JSObjectGetProperty (js_context, name_element, js_string, NULL);
@@ -1142,8 +1147,8 @@ pre_fill_form (JSContextRef js_context,
     EphyEmbedSingleFormAuthData *data = (EphyEmbedSingleFormAuthData*)p->data;
     char *username_field_name = js_get_element_attribute (js_context, username_element, "name");
     char *password_field_name = js_get_element_attribute (js_context, password_element, "name");
-    if (g_str_equal (username_field_name, data->form_username) &&
-        g_str_equal (password_field_name, data->form_password)) {
+    if (g_strcmp0 (username_field_name, data->form_username) == 0 &&
+        g_strcmp0 (password_field_name, data->form_password) == 0) {
       FillData *fill_data = g_slice_new (FillData);
       char *uri_str = soup_uri_to_string (uri, FALSE);
author	Benjamin Otte <otte@gnome.org>	2009-12-18 18:16:03 +0800
committer	Benjamin Otte <otte@gnome.org>	2009-12-18 21:21:00 +0800
commit	6f69c3f879cc880d53dfb85081aef8462c3fad36 (patch)
tree	a3665bc6a56b49fe6ef0a93a3674b7d04223e108 /embed
parent	b6102135d673197eecdc6497d6153d00f6b75301 (diff)
download	gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.gz gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.bz2 gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.lz gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.xz gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.tar.zst gsoc2013-epiphany-6f69c3f879cc880d53dfb85081aef8462c3fad36.zip