From: Christian H. <ch...@us...> - 2002-08-23 23:22:29
|
Update of /cvsroot/gaim/gaim/src In directory usw-pr-cvs1:/tmp/cvs-serv19364 Modified Files: browser.c Log Message: Life is unhappy when you click a link that says <a href="http://127.0.0.1 && rm -rf /">pr0n!</a> Please don't try this on your friends. Update CVS :) Index: browser.c =================================================================== RCS file: /cvsroot/gaim/gaim/src/browser.c,v retrieving revision 1.25 retrieving revision 1.26 diff -u -d -r1.25 -r1.26 --- browser.c 22 Aug 2002 03:13:39 -0000 1.25 +++ browser.c 23 Aug 2002 23:22:26 -0000 1.26 @@ -559,58 +559,6 @@ } -#if !GTK_CHECK_VERSION(1,3,0) -/* From Glib 2.0 */ -/** - * g_shell_quote: - * @unquoted_string: a literal string - * - * Quotes a string so that the shell (/bin/sh) will interpret the - * quoted string to mean @unquoted_string. If you pass a filename to - * the shell, for example, you should first quote it with this - * function. The return value must be freed with g_free(). The - * quoting style used is undefined (single or double quotes may be - * used). - * - * Return value: quoted string -**/ -gchar* -g_shell_quote (const gchar *unquoted_string) -{ - /* We always use single quotes, because the algorithm is cheesier. - * We could use double if we felt like it, that might be more - * human-readable. - */ - const gchar *p; - GString *dest; - - g_return_val_if_fail (unquoted_string != NULL, NULL); - - dest = g_string_new ("'"); - - p = unquoted_string; - - /* could speed this up a lot by appending chunks of text at a - * time. - */ - while (*p) - { - /* Replace literal ' with a close ', a \', and a open ' */ - if (*p == '\'') - g_string_append (dest, "'\\''"); - else - g_string_append_c (dest, *p); - ++p; - } - /* close the quote */ - g_string_append_c (dest, '\''); - - p = dest->str; - g_string_free (dest, FALSE); - return p; -} -#endif - void open_url(GtkWidget *w, char *url) { @@ -634,7 +582,7 @@ pid = fork(); if (pid == 0) { - char *args[4]; + char **args; char command[1024]; char *quoted = NULL; @@ -663,12 +611,11 @@ args[1] = url; args[2] = NULL; } else if (web_browser == BROWSER_MANUAL) { - g_snprintf(command, sizeof(command), web_command, quoted); - quoted = g_shell_quote(command); - args[0] = "sh"; - args[1] = "-c"; - args[2] = quoted; - args[3] = NULL; + gchar *space_free_url; + space_free_url = g_strdelimit(url, " ", '+'); + g_snprintf(command, sizeof(command), web_command, space_free_url); + g_free(space_free_url); + args = g_strsplit(command, " ", 0); } execvp(args[0], args); |