Re: [evolution-patches] calendar patch for 309420

From: Not Zed <notzed ximian com>
To: Christian Kellner <Christian Kellner scalix com>
Cc: Patches List <evolution-patches lists ximian com>, Sarfraaz Ahmed <asarfraaz novell com>
Subject: Re: [evolution-patches] calendar patch for 309420
Date: Wed, 24 Aug 2005 10:53:12 +0800

No, of course thats not what you want to do, sigh.

You can't create url's by just using sprintf, it wont work.  e.g. if the
user has an @ in their username, which is quite common.  Sure it may not
matter since this uri isn't used directly - but it will matter in that
the key wont be properly canonicalised.

And parsing them using strchr crap is no good.  This doesn't even check
if there IS an @ in the string - possible crash.

On Tue, 2005-08-23 at 10:56 -0700, Christian Kellner wrote:
> Hi everybody,
> 
> isn't rewriting parts of a url parsing routine not a bit dangerous here?
> Maybe not, I just wanna check:
> 
> +       char *at = strchr (uri, '@');
> +       char *slash;
> 
> This should get the @ between username and host, right? Can it be that a
> user has a @ in the username? I guess it should be url encoded though,
> so that wouldnt be a problem then, but can you relay on that? I know we
> had problems with that in GnomeVFSURI. 
> 
> +       at++; /* Parse over the @ symbol */
> +       slash = strchr (at, '/');
> 
> Then you are grabbing the first path separator and return the portion
> between the @ and the / as the hostname, but what about having port
> specification in the url, like "foo.bar:433/se"? Wouldn't be better to
> use Euri here? Maybe that isnt a problem too because you might wanna
> have that portion in the later concatted new_uri string. 
> 
> +   new_uri = g_strdup_printf ("%s%s;%s %s/", base_uri, user_name,
> auth_type, host_name);
> 
> Concat base_uri, user_name, auth_type and host_name? Is that really what
> you wanna do? So if base_uri is "foo://ckellner bar se" you would get
> "foo://ckellner bar seckellner;plain/password bar se"?
> 
> Just my $0.02 and I might got that all wrong,
> Christian
> 
> _______________________________________________
> evolution-patches mailing list
> evolution-patches lists ximian com
> http://lists.ximian.com/mailman/listinfo/evolution-patches
-- 
adfa(evolution-2.4:20087): gtkhtml-WARNING **: cannot find icon:
'stock_insert-url' in gnome

References:
- [evolution-patches] calendar patch for 309420
  - From: Sarfraaz Ahmed
- Re: [evolution-patches] calendar patch for 309420
  - From: Christian Kellner

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]