circlecloud/tmux
1
0
Fork 0
mirror of https://github.com/tmux/tmux.git synced 2026-05-30 14:16:18 +00:00
Code Issues Projects Releases Wiki Activity

Sanitize paste buffer names in paste_set and paste_rename, GitHub issue

Browse Source 
5032 from Barrett Ruth.
This commit is contained in:
nicm
2026-04-28 08:52:37 +00:00
parent 763dec881a
commit 746dd91e86
1 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
paste.c
View File

@@ -205,6 +205,7 @@ int
paste_rename(const char *oldname, const char *newname, char **cause) paste_rename(const char *oldname, const char *newname, char **cause)
{ {
struct paste_buffer *pb, *pb_new; struct paste_buffer *pb, *pb_new;
char *name;
if (cause != NULL) if (cause != NULL)
*cause = NULL; *cause = NULL;
@@ -220,23 +221,33 @@ paste_rename(const char *oldname, const char *newname, char **cause)
return (-1); return (-1);
} }
name = clean_name(newname, "");
if (name == NULL) {
if (cause != NULL)
xasprintf(cause, "invalid buffer name: %s", newname);
return (-1);
}
pb = paste_get_name(oldname); pb = paste_get_name(oldname);
if (pb == NULL) { if (pb == NULL) {
if (cause != NULL) if (cause != NULL)
xasprintf(cause, "no buffer %s", oldname); xasprintf(cause, "no buffer %s", oldname);
free(name);
return (-1); return (-1);
} }
pb_new = paste_get_name(newname); pb_new = paste_get_name(name);
if (pb_new == pb) if (pb_new == pb) {
free(name);
return (0); return (0);
}
if (pb_new != NULL) if (pb_new != NULL)
paste_free(pb_new); paste_free(pb_new);
RB_REMOVE(paste_name_tree, &paste_by_name, pb); RB_REMOVE(paste_name_tree, &paste_by_name, pb);
free(pb->name); free(pb->name);
pb->name = xstrdup(newname); pb->name = name;
if (pb->automatic) if (pb->automatic)
paste_num_automatic--; paste_num_automatic--;
@@ -245,7 +256,7 @@ paste_rename(const char *oldname, const char *newname, char **cause)
RB_INSERT(paste_name_tree, &paste_by_name, pb); RB_INSERT(paste_name_tree, &paste_by_name, pb);
notify_paste_buffer(oldname, 1); notify_paste_buffer(oldname, 1);
notify_paste_buffer(newname, 0); notify_paste_buffer(pb->name, 0);
return (0); return (0);
} }
@@ -258,6 +269,7 @@ int
paste_set(char *data, size_t size, const char *name, char **cause) paste_set(char *data, size_t size, const char *name, char **cause)
{ {
struct paste_buffer *pb, *old; struct paste_buffer *pb, *old;
char *newname;
if (cause != NULL) if (cause != NULL)
*cause = NULL; *cause = NULL;
@@ -277,9 +289,16 @@ paste_set(char *data, size_t size, const char *name, char **cause)
return (-1); return (-1);
} }
newname = clean_name(name, "");
if (newname == NULL) {
if (cause != NULL)
xasprintf(cause, "invalid buffer name: %s", name);
return (-1);
}
pb = xmalloc(sizeof *pb); pb = xmalloc(sizeof *pb);
pb->name = xstrdup(name); pb->name = newname;
pb->data = data; pb->data = data;
pb->size = size; pb->size = size;
@@ -289,13 +308,13 @@ paste_set(char *data, size_t size, const char *name, char **cause)
pb->created = time(NULL); pb->created = time(NULL);
if ((old = paste_get_name(name)) != NULL) if ((old = paste_get_name(pb->name)) != NULL)
paste_free(old); paste_free(old);
RB_INSERT(paste_name_tree, &paste_by_name, pb); RB_INSERT(paste_name_tree, &paste_by_name, pb);
RB_INSERT(paste_time_tree, &paste_by_time, pb); RB_INSERT(paste_time_tree, &paste_by_time, pb);
notify_paste_buffer(name, 0); notify_paste_buffer(pb->name, 0);
return (0); return (0);
} }