diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | libsylph/html.c | 2 |
2 files changed, 5 insertions, 1 deletions
@@ -1,5 +1,9 @@ 2013-11-27 + * libsylph/html.c: html_unescape_str(): strictly check for utf8 length. + +2013-11-27 + * src/jpilot.c: jpilot_read_db_files(): fixed uninitialized variable "attrib", "unique_id" and "next_offset". diff --git a/libsylph/html.c b/libsylph/html.c index 9241793c..a86c07b0 100644 --- a/libsylph/html.c +++ b/libsylph/html.c @@ -770,7 +770,7 @@ static gchar *html_unescape_str(HTMLParser *parser, const gchar *str) gint len; len = g_unichar_to_utf8((gunichar)ch, buf); - if (len > 0 && len <= n + 1) { + if (len > 0 && len <= 6 && len <= n + 1) { memcpy(up, buf, len); up += len; } else { |