summaryrefslogtreecommitdiffstats
path: root/info.c
diff options
context:
space:
mode:
authorGravatar Lubomir I. Ivanov <neolit123@gmail.com>2012-10-18 00:43:48 +0300
committerGravatar Dirk Hohndel <dirk@hohndel.org>2012-10-17 15:08:33 -0700
commit88a321c9833de40be77c133b8818b9abdcae3c2e (patch)
tree855ee7df1616b5b794723c27102b5e645715da3e /info.c
parent557a83576522b70709ee12a45077f40d321251a5 (diff)
downloadsubsurface-88a321c9833de40be77c133b8818b9abdcae3c2e.tar.gz
Allocate memory for and truncate strings that go into the title bar
info.c:show_dive_info() uses buffers of 80 char, which might not be enough for all unicode strings to fit. The function snprintf() can be used to truncate a string to the maximum buffer length, however this should not be used with unicode strings, since it can split the bytes of a wide char, causing some corruption. Instead of a fixed buffer we now allocate/free memory for the title text and attempt to more safely truncate user entered text by using g_utf8_strlen() and g_utf8_strncpy(). Long unicode filenames still remain a responsibility of the user, but they should be now safe as well. On the other hand the string formed by the function divename() and the variable maxlen should be monitored by developers to accommodate all translations. Signed-off-by: Lubomir I. Ivanov <neolit123@gmail.com> Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
Diffstat (limited to 'info.c')
-rw-r--r--info.c42
1 files changed, 34 insertions, 8 deletions
diff --git a/info.c b/info.c
index b59b89940..687f83db1 100644
--- a/info.c
+++ b/info.c
@@ -114,17 +114,26 @@ static int divename(char *buf, size_t size, struct dive *dive)
void show_dive_info(struct dive *dive)
{
+ const char *subs = "Subsurface: ";
const char *text;
- char buffer[80];
- char title[80];
+ const int maxlen = 128;
char *basename;
+ char *title;
+ char *buffer = NULL;
+ int len1, len2, sz;
if (!dive) {
if (existing_filename) {
basename = g_path_get_basename(existing_filename);
- snprintf(title, 80, "Subsurface: %s", basename);
- free(basename);
+ len1 = strlen(subs);
+ len2 = g_utf8_strlen(basename, -1);
+ sz = (len1 + len2 + 1) * sizeof(gunichar);
+ title = malloc(sz);
+ strncpy(title, subs, len1);
+ g_utf8_strncpy(title + len1, basename, len2);
gtk_window_set_title(GTK_WINDOW(main_window), title);
+ free(basename);
+ free(title);
} else {
gtk_window_set_title(GTK_WINDOW(main_window), "Subsurface");
}
@@ -143,23 +152,40 @@ void show_dive_info(struct dive *dive)
text = "";
if (*text) {
if (dive->number) {
- snprintf(buffer, sizeof(buffer), _("Dive #%d - %s"), dive->number, text);
+ len1 = g_utf8_strlen(text, -1);
+ sz = (len1 + 32) * sizeof(gunichar);
+ buffer = malloc(sz);
+ snprintf(buffer, sz, _("Dive #%d - "), dive->number);
+ g_utf8_strncpy(buffer + strlen(buffer), text, len1);
text = buffer;
}
} else {
- divename(buffer, sizeof(buffer), dive);
+ sz = (maxlen + 32) * sizeof(gunichar);
+ buffer = malloc(sz);
+ divename(buffer, sz, dive);
text = buffer;
}
/* put it all together */
if (existing_filename) {
basename = g_path_get_basename(existing_filename);
- snprintf(title, 80, "%s: %s", basename, text);
- free(basename);
+ len1 = g_utf8_strlen(basename, -1);
+ len2 = g_utf8_strlen(text, -1);
+ if (len2 > maxlen)
+ len2 = maxlen;
+ sz = (len1 + len2 + 3) * sizeof(gunichar); /* reserver space for ": " */
+ title = malloc(sz);
+ g_utf8_strncpy(title, basename, len1);
+ strncpy(title + strlen(basename), (const char *)": ", 2);
+ g_utf8_strncpy(title + strlen(basename) + 2, text, len2);
gtk_window_set_title(GTK_WINDOW(main_window), title);
+ free(basename);
+ free(title);
} else {
gtk_window_set_title(GTK_WINDOW(main_window), text);
}
+ if (buffer)
+ free(buffer);
SET_TEXT_VALUE(divemaster);
SET_TEXT_VALUE(buddy);
SET_TEXT_VALUE(location);