aboutsummaryrefslogtreecommitdiffstats
path: root/src/bookmarks/ephy-bookmarks.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/bookmarks/ephy-bookmarks.c')
-rw-r--r--src/bookmarks/ephy-bookmarks.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/bookmarks/ephy-bookmarks.c b/src/bookmarks/ephy-bookmarks.c
index 25caad17f..e934cad9f 100644
--- a/src/bookmarks/ephy-bookmarks.c
+++ b/src/bookmarks/ephy-bookmarks.c
@@ -1286,7 +1286,7 @@ get_option (char *start,
const char *name,
char **optionsend)
{
- char *end;
+ char *end, *p;
*optionsend = start;
@@ -1305,6 +1305,13 @@ get_option (char *start,
end = strstr (start, ",");
if (end == NULL || end >= *optionsend) end = *optionsend - 1;
+ /* limit option length and sanity-check it */
+ if (end - start > 32) return NULL;
+ for (p = start; p < end; ++p)
+ {
+ if (!g_ascii_isalnum (*p)) return NULL;
+ }
+
return g_strndup (start, end - start);
}
@@ -1382,7 +1389,7 @@ ephy_bookmarks_get_smart_bookmark_width (EphyNode *bookmark)
number = get_option (option, "width=", &end);
if (number == NULL) return 0;
- width = atoi (number);
+ width = (guint) g_ascii_strtoull (number, NULL, 10);
g_free (number);
return CLAMP (width, 1, 64);