diff options
Diffstat (limited to 'apps/gui/skin_engine/skin_parser.c')
-rw-r--r-- | apps/gui/skin_engine/skin_parser.c | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/apps/gui/skin_engine/skin_parser.c b/apps/gui/skin_engine/skin_parser.c index 501d76e5c7..568f9cb578 100644 --- a/apps/gui/skin_engine/skin_parser.c +++ b/apps/gui/skin_engine/skin_parser.c | |||
@@ -1026,6 +1026,13 @@ static int parse_progressbar(const char *wps_bufptr, | |||
1026 | } | 1026 | } |
1027 | 1027 | ||
1028 | #ifdef HAVE_ALBUMART | 1028 | #ifdef HAVE_ALBUMART |
1029 | static int parse_int(const char *newline, const char **_pos, int *num) | ||
1030 | { | ||
1031 | *_pos = parse_list("d", NULL, '|', *_pos, num); | ||
1032 | |||
1033 | return (!*_pos || *_pos > newline || **_pos != '|'); | ||
1034 | } | ||
1035 | |||
1029 | static int parse_albumart_load(const char *wps_bufptr, | 1036 | static int parse_albumart_load(const char *wps_bufptr, |
1030 | struct wps_token *token, | 1037 | struct wps_token *token, |
1031 | struct wps_data *wps_data) | 1038 | struct wps_data *wps_data) |
@@ -1050,16 +1057,22 @@ static int parse_albumart_load(const char *wps_bufptr, | |||
1050 | 1057 | ||
1051 | newline = strchr(wps_bufptr, '\n'); | 1058 | newline = strchr(wps_bufptr, '\n'); |
1052 | 1059 | ||
1053 | /* initial validation and parsing of x and y components */ | 1060 | _pos = wps_bufptr; |
1054 | if (*wps_bufptr != '|') | 1061 | |
1062 | if (*_pos != '|') | ||
1055 | return WPS_ERROR_INVALID_PARAM; /* malformed token: e.g. %Cl7 */ | 1063 | return WPS_ERROR_INVALID_PARAM; /* malformed token: e.g. %Cl7 */ |
1056 | 1064 | ||
1057 | _pos = wps_bufptr + 1; | 1065 | ++_pos; |
1058 | _pos = parse_list("dd", NULL, '|', _pos, &aa->x, &aa->y); | 1066 | |
1067 | /* initial validation and parsing of x component */ | ||
1068 | if (parse_int(newline, &_pos, &aa->x)) | ||
1069 | return WPS_ERROR_INVALID_PARAM; | ||
1059 | 1070 | ||
1060 | if (!_pos || _pos > newline || *_pos != '|') | 1071 | ++_pos; |
1061 | return WPS_ERROR_INVALID_PARAM; /* malformed token: no | after y coordinate | 1072 | |
1062 | e.g. %Cl|7|59\n */ | 1073 | /* initial validation and parsing of y component */ |
1074 | if (parse_int(newline, &_pos, &aa->y)) | ||
1075 | return WPS_ERROR_INVALID_PARAM; | ||
1063 | 1076 | ||
1064 | /* parsing width field */ | 1077 | /* parsing width field */ |
1065 | parsing = true; | 1078 | parsing = true; |
@@ -1099,8 +1112,7 @@ static int parse_albumart_load(const char *wps_bufptr, | |||
1099 | /* extract max width data */ | 1112 | /* extract max width data */ |
1100 | if (*_pos != '|') | 1113 | if (*_pos != '|') |
1101 | { | 1114 | { |
1102 | _pos = parse_list("d", NULL, '|', _pos, &aa->width); | 1115 | if (parse_int(newline, &_pos, &aa->width)) |
1103 | if (!_pos || _pos > newline || *_pos != '|') | ||
1104 | return WPS_ERROR_INVALID_PARAM; | 1116 | return WPS_ERROR_INVALID_PARAM; |
1105 | } | 1117 | } |
1106 | 1118 | ||
@@ -1142,8 +1154,7 @@ static int parse_albumart_load(const char *wps_bufptr, | |||
1142 | /* extract max height data */ | 1154 | /* extract max height data */ |
1143 | if (*_pos != '|') | 1155 | if (*_pos != '|') |
1144 | { | 1156 | { |
1145 | _pos = parse_list("d", NULL, '|', _pos, &aa->height); | 1157 | if (parse_int(newline, &_pos, &aa->height)) |
1146 | if (!_pos || _pos > newline || *_pos != '|') | ||
1147 | return WPS_ERROR_INVALID_PARAM; | 1158 | return WPS_ERROR_INVALID_PARAM; |
1148 | } | 1159 | } |
1149 | 1160 | ||