[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: KDE/kdebase/workspace/plasma/dataengines/weather/ions
From: Shawn Starr <shawn.starr () rogers ! com>
Date: 2009-02-11 23:28:16
Message-ID: 1234394896.762852.10131.nullmailer () svn ! kde ! org
[Download RAW message or body]
SVN commit 924950 by spstarr:
Pevent mallicious attacks on ions by just rejecting any bogus entries as malformed
M +11 -3 ion_bbcukmet.cpp
M +7 -4 ion_envcan.cpp
M +8 -4 ion_noaa.cpp
--- trunk/KDE/kdebase/workspace/plasma/dataengines/weather/ions/ion_bbcukmet.cpp #924949:924950
@@ -208,24 +208,32 @@
// Guard: if the size of array is not 3 then we have bad data, return an error
if (sourceAction.size() < 3) {
- setData(source, "validate", QString("bbcukmet|timeout"));
+ setData(source, "validate", "bbcukmet|malformed");
return true;
}
- if (sourceAction[1] == "validate") {
+ if (sourceAction[1] == "validate" && sourceAction.size() >= 3) {
// Look for places to match
findPlace(sourceAction[2], source);
return true;
- } else if (sourceAction[1] == "weather") {
+ } else if (sourceAction[1] == "weather" && sourceAction.size() >= 3) {
if (sourceAction.count() >= 3) {
+ if (sourceAction[2].isEmpty()) {
+ setData(source, "validate", "bbcukmet|malformed");
+ return true;
+ }
d->m_place[QString("bbcukmet|%1").arg(sourceAction[2])].XMLurl = sourceAction[3];
getXMLData(QString("%1|%2").arg(sourceAction[0]).arg(sourceAction[2]));
return true;
} else {
return false;
}
+ } else {
+ setData(source, "validate", "bbcukmet|malformed");
+ return true;
}
+
return false;
}
--- trunk/KDE/kdebase/workspace/plasma/dataengines/weather/ions/ion_envcan.cpp #924949:924950
@@ -470,11 +470,11 @@
// Guard: if the size of array is not 2 then we have bad data, return an error
if (sourceAction.size() < 2) {
- setData(source, "validate", QString("envcan|timeout"));
+ setData(source, "validate", "envcan|malformed");
return true;
}
- if (sourceAction[1] == "validate") {
+ if (sourceAction[1] == "validate" && sourceAction.size() > 2) {
QStringList result = validate(QString("%1|%2").arg(sourceAction[0]).arg(sourceAction[2]));
if (result.size() == 1) {
@@ -488,9 +488,12 @@
return true;
}
- } else if (sourceAction[1] == "weather") {
+ } else if (sourceAction[1] == "weather" && sourceAction.size() > 2) {
getXMLData(source);
return true;
+ } else {
+ setData(source, "validate", "envcan|malformed");
+ return true;
}
return false;
}
@@ -519,7 +522,7 @@
//url="file:///home/spstarr/Desktop/s0000649_e.xml";
if (d->m_place[dataKey].territoryName.isEmpty() && d->m_place[dataKey].cityCode.isEmpty()) {
- setData(source, "validate", QString("envcan|timeout"));
+ setData(source, "validate", QString("envcan|malformed"));
return;
}
--- trunk/KDE/kdebase/workspace/plasma/dataengines/weather/ions/ion_noaa.cpp #924949:924950
@@ -135,11 +135,11 @@
// Guard: if the size of array is not 2 then we have bad data, return an error
if (sourceAction.size() < 2) {
- setData(source, "validate", QString("noaa|timeout"));
+ setData(source, "validate", "noaa|malformed");
return true;
}
- if (sourceAction[1] == "validate") {
+ if (sourceAction[1] == "validate" && sourceAction.size() > 2) {
kDebug() << "Initiate Validating of place: " << sourceAction[2];
QStringList result = validate(QString("%1|%2").arg(sourceAction[0]).arg(sourceAction[2]));
@@ -154,10 +154,14 @@
return true;
}
- } else if (sourceAction[1] == "weather") {
+ } else if (sourceAction[1] == "weather" && sourceAction.size() > 2) {
getXMLData(source);
return true;
+ } else {
+ setData(source, "validate", "noaa|malformed");
+ return true;
}
+
return false;
}
@@ -187,7 +191,7 @@
// If this is empty we have no valid data, send out an error and abort.
//
if (url.url().isEmpty()) {
- setData(source, "validate", QString("noaa|timeout"));
+ setData(source, "validate", QString("noaa|malformed"));
return;
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic