X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=gtk%2Fgtkiconcachevalidator.c;h=a4e6947826560d7af9e3f64d06b8e3fe2c408133;hb=ce0675f1fb2582717793ec29b1787039dfbf8437;hp=cb1d964ba74048c610c082349727bb71dead5495;hpb=2a80113304da3afab9b9d6930a95427e35a83af6;p=~andy%2Fgtk

diff --git a/gtk/gtkiconcachevalidator.c b/gtk/gtkiconcachevalidator.c
index cb1d964ba..a4e694782 100644
--- a/gtk/gtkiconcachevalidator.c
+++ b/gtk/gtkiconcachevalidator.c
@@ -12,9 +12,7 @@
  * Library General Public License for more details.
  *
  * You should have received a copy of the GNU Library General Public
- * License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- * Boston, MA 02111-1307, USA.
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
  */
 #include "config.h"
 #include "gtkiconcachevalidator.h"
@@ -103,6 +101,32 @@ check_string (CacheInfo *info,
   return TRUE;
 }
 
+static gboolean 
+check_string_utf8 (CacheInfo *info, 
+                   guint32    offset)
+{
+  check ("string offset", offset < info->cache_size);
+
+  if (info->flags & CHECK_STRINGS) 
+    {
+      gint i;
+      gchar c;
+
+      /* assume no string is longer than 1k */
+      for (i = 0; i < 1024; i++) 
+        { 
+          check ("string offset", offset + i < info->cache_size)
+            c = *(info->cache + offset + i);
+          if (c == '\0')
+            break;
+        }
+      check ("string length", i < 1024);
+      check ("string utf8 data", g_utf8_validate((char *)(info->cache + offset), -1, NULL));
+    }
+
+  return TRUE;
+}
+
 static gboolean 
 check_directory_list (CacheInfo *info, 
                       guint32    offset)
@@ -140,7 +164,7 @@ check_pixel_data (CacheInfo *info,
       GdkPixdata data; 
  
       check ("pixel data", gdk_pixdata_deserialize (&data, length,
-                                                    info->cache + offset + 8, 
+                                                    (const guint8*)info->cache + offset + 8, 
                                                     NULL));
     }
 	
@@ -172,16 +196,18 @@ static gboolean
 check_display_name_list (CacheInfo *info, 
                          guint32    offset)
 {
-  guint32 n_display_names;
+  guint32 n_display_names, ofs;
   gint i;
 
   check ("offset, display name list", 
          get_uint32 (info, offset, &n_display_names));
   for (i = 0; i < n_display_names; i++) 
     {
-      if (!check_string (info, offset + 4 + 8 * i))
+      get_uint32(info, offset + 4 + 8 * i, &ofs);
+      if (!check_string (info, ofs))
         return FALSE;
-      if (!check_string (info, offset + 4 + 8 * i + 4))
+      get_uint32(info, offset + 4 + 8 * i + 4, &ofs);
+      if (!check_string_utf8 (info, ofs))
         return FALSE;
     }
 	
@@ -262,8 +288,7 @@ check_image (CacheInfo *info,
          get_uint32 (info, offset + 4, &image_data_offset));
 
   check ("image index", index < info->n_directories);
-  check ("image flags", flags == 1 || flags == 2 || flags == 4 ||
-                        flags == 9 || flags == 10 || flags == 12);
+  check ("image flags", flags < 16);
 
   if (image_data_offset != 0) 
     {