[Spice-devel] [PATCH spice-gtk] Fix parsing URI query

Daniel P. Berrange berrange at redhat.com
Wed May 2 05:09:21 PDT 2012


On Wed, May 02, 2012 at 02:03:55PM +0200, Marc-André Lureau wrote:
> Do not depend on uninitialized "len" variable to set the query string.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=818169
> ---
>  gtk/spice-session.c |    8 +++-----
>  1 file changed, 3 insertions(+), 5 deletions(-)
> 
> diff --git a/gtk/spice-session.c b/gtk/spice-session.c
> index 959e099..b3c66ce 100644
> --- a/gtk/spice-session.c
> +++ b/gtk/spice-session.c
> @@ -249,7 +249,6 @@ static int spice_uri_parse(SpiceSession *session, const char *original_uri)
>      gchar key[32], value[128];
>      gchar *host = NULL, *port = NULL, *tls_port = NULL, *uri = NULL, *password = NULL;
>      gchar **target_key;
> -    int len;
>      gchar *path = NULL;
>      gchar *authority = NULL;
>      gchar *query = NULL;
> @@ -277,12 +276,10 @@ static int spice_uri_parse(SpiceSession *session, const char *original_uri)
>  
>      if (path) {
>          size_t prefix = strcspn(path, URI_QUERY_START);
> -        if (len)
> -            query = path + prefix;
> +        query = path + prefix;
>      } else {
>          size_t prefix = strcspn(authority, URI_QUERY_START);
> -        if (len)
> -            query = authority + prefix;
> +        query = authority + prefix;

If there is no query character at all (ie no '?') then 'query' will
now get initialized to the same as 'path' or 'authority' which is
wrong.  These 'if (len)' should have actually been 'if (prefix)',
so that we leave 'query' as NULL if we don't match.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


More information about the Spice-devel mailing list