diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/html.c | 19 | ||||
-rw-r--r-- | src/rss.c | 6 |
2 files changed, 22 insertions, 3 deletions
@@ -86,6 +86,7 @@ static int url_extract_domain(const char *url, char *domain, int domain_len) { typedef int (*PluginListCallback)(const char *name, const char *url, void *userdata); static cJSON* plugin_list(char *plugin_filepath, const char *url, cJSON *downloaded_items, PluginListCallback callback, void *userdata) { int result; + cJSON *json_root = NULL; Buffer buffer; buffer_init(&buffer); @@ -129,7 +130,7 @@ static cJSON* plugin_list(char *plugin_filepath, const char *url, cJSON *downloa goto err_cleanup; } - cJSON *json_root = cJSON_ParseWithLength(buffer.data, buffer.size); + json_root = cJSON_ParseWithLength(buffer.data, buffer.size); if(!json_root) { fprintf(stderr, "Failed to load plugin %s list output as json\n", basename(plugin_filepath)); goto err_cleanup; @@ -138,7 +139,6 @@ static cJSON* plugin_list(char *plugin_filepath, const char *url, cJSON *downloa if(!cJSON_IsArray(json_root)) { fprintf(stderr, "Failed to load plugin %s list output as json\n", basename(plugin_filepath)); - cJSON_Delete(json_root); goto err_cleanup; } @@ -156,13 +156,21 @@ static cJSON* plugin_list(char *plugin_filepath, const char *url, cJSON *downloa char *name = name_json->valuestring; string_replace(name, '/', '_'); name = strip(name); + + if(name[0] == '\0' || strcmp(name, ".") == 0 || strcmp(name, "..") == 0) { + fprintf(stderr, "Listing html chapter gave a chapter with an invalid name. The chapter name can't be empty, . or ..\n"); + goto err_cleanup; + } + if(callback(name, url_json->valuestring, userdata) != 0) - break; + goto err_cleanup; } return json_root; err_cleanup: + if(json_root) + cJSON_Delete(json_root); buffer_deinit(&buffer); return NULL; } @@ -246,6 +254,11 @@ int add_html(const char *name, const char *url, char *html_config_dir, char *pro return -1; } + if(strcmp(name, ".") == 0 || strcmp(name, "..") == 0) { + fprintf(stderr, "Html name can't be . or ..\n"); + return -1; + } + char domain[2086]; if(looks_like_mangadex_id(url)) { strcpy(domain, "mangadex"); @@ -372,6 +372,12 @@ int add_rss(const char *name, char *url, char *rss_config_dir, const char *start name = stripped_rss_title; } + if(name[0] == '\0' || strcmp(name, ".") == 0 || strcmp(name, "..") == 0) { + fprintf(stderr, "Rss name can't be empty, . or ..\n"); + result = -1; + goto cleanup; + } + char *rss_tracked_dir = rss_config_dir; strcat(rss_tracked_dir, "/tracked/"); strcat(rss_tracked_dir, name); |