File & input sanitization
This commit is contained in:
parent
41c25f8420
commit
b4cde0e09d
3
TODO.txt
3
TODO.txt
|
@ -12,9 +12,6 @@ Important improvements:
|
||||||
so.
|
so.
|
||||||
* _Huge_ problem, but I haven't had luck figuring it out yet…
|
* _Huge_ problem, but I haven't had luck figuring it out yet…
|
||||||
* Move from BLists to BObjectLists where possible
|
* Move from BLists to BObjectLists where possible
|
||||||
* General input sanitization
|
|
||||||
* File error-handling
|
|
||||||
* e.g., Utils.cpp's userFileError
|
|
||||||
* Fix background of Feeds List error status icon (it's black, not transparent)
|
* Fix background of Feeds List error status icon (it's black, not transparent)
|
||||||
* Check if arg is a file or not (treat appropriately)
|
* Check if arg is a file or not (treat appropriately)
|
||||||
* Make UI friendly to whatever font-size you throw at it
|
* Make UI friendly to whatever font-size you throw at it
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
|
|
||||||
#include <iostream>
|
#include <iostream>
|
||||||
|
|
||||||
|
#include <Alert.h>
|
||||||
#include <Box.h>
|
#include <Box.h>
|
||||||
#include <Button.h>
|
#include <Button.h>
|
||||||
#include <Message.h>
|
#include <Message.h>
|
||||||
|
@ -51,7 +52,32 @@ EntriesView::MessageReceived(BMessage* msg)
|
||||||
status_t result = ((App*)be_app)->fPreferences->SetEntryDir(
|
status_t result = ((App*)be_app)->fPreferences->SetEntryDir(
|
||||||
fEntryFolderText->Text());
|
fEntryFolderText->Text());
|
||||||
if (result != B_OK)
|
if (result != B_OK)
|
||||||
userFileError(result, fEntryFolderText->Text());
|
_FileError(result);
|
||||||
|
|
||||||
|
fEntryFolderText->SetText(((App*)be_app)->fPreferences->EntryDir());
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case kEntryFolderBrowse:
|
||||||
|
{
|
||||||
|
entry_ref appsRef;
|
||||||
|
fEntryFolderPanel = new BFilePanel(B_OPEN_PANEL, NULL, NULL,
|
||||||
|
B_DIRECTORY_NODE, false, new BMessage(kEntryFolderPath));
|
||||||
|
fEntryFolderPanel->Show();
|
||||||
|
fEntryFolderPanel->SetTarget(this);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case kEntryFolderPath:
|
||||||
|
{
|
||||||
|
entry_ref ref;
|
||||||
|
if (msg->HasRef("refs") && msg->FindRef("refs", &ref) == B_OK) {
|
||||||
|
status_t result = ((App*)be_app)->fPreferences->SetEntryDir(
|
||||||
|
BPath(&ref).Path());
|
||||||
|
if (result != B_OK)
|
||||||
|
_FileError(result);
|
||||||
|
}
|
||||||
|
|
||||||
|
fEntryFolderText->SetText(((App*)be_app)->fPreferences->EntryDir());
|
||||||
|
delete fEntryFolderPanel;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case kOpenHtmlRadio:
|
case kOpenHtmlRadio:
|
||||||
|
@ -70,6 +96,16 @@ EntriesView::MessageReceived(BMessage* msg)
|
||||||
fOpenWithMenuField->MenuItem()->Label());
|
fOpenWithMenuField->MenuItem()->Label());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
case kOpenWithBrowse:
|
||||||
|
{
|
||||||
|
entry_ref appsRef;
|
||||||
|
BEntry("/boot/system/apps/").GetRef(&appsRef);
|
||||||
|
|
||||||
|
fOpenWithPanel = new BFilePanel(B_OPEN_PANEL, NULL, &appsRef,
|
||||||
|
B_FILE_NODE, false, new BMessage(kOpenWithPath));
|
||||||
|
fOpenWithPanel->Show();
|
||||||
|
fOpenWithPanel->SetTarget(this);
|
||||||
|
}
|
||||||
case kOpenWithPath:
|
case kOpenWithPath:
|
||||||
{
|
{
|
||||||
entry_ref ref;
|
entry_ref ref;
|
||||||
|
@ -81,16 +117,6 @@ EntriesView::MessageReceived(BMessage* msg)
|
||||||
delete fOpenWithPanel;
|
delete fOpenWithPanel;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case kOpenWithBrowse:
|
|
||||||
{
|
|
||||||
entry_ref appsRef;
|
|
||||||
BEntry("/boot/system/apps/").GetRef(&appsRef);
|
|
||||||
|
|
||||||
fOpenWithPanel = new BFilePanel(B_OPEN_PANEL, NULL, &appsRef,
|
|
||||||
B_FILE_NODE, false, new BMessage(kOpenWithPath));
|
|
||||||
fOpenWithPanel->Show();
|
|
||||||
fOpenWithPanel->SetTarget(this);
|
|
||||||
}
|
|
||||||
default:
|
default:
|
||||||
{
|
{
|
||||||
BGroupView::MessageReceived(msg);
|
BGroupView::MessageReceived(msg);
|
||||||
|
@ -213,3 +239,29 @@ EntriesView::_PopulateOpenWithMenu()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void
|
||||||
|
EntriesView::_FileError(status_t result)
|
||||||
|
{
|
||||||
|
BPath cfgPath;
|
||||||
|
find_directory(B_USER_SETTINGS_DIRECTORY, &cfgPath);
|
||||||
|
|
||||||
|
if (result == B_NOT_A_DIRECTORY) {
|
||||||
|
BAlert* alert = new BAlert("Entries Directory", "The path you "
|
||||||
|
"selected isn't a folder― please choose another path.", "OK",
|
||||||
|
NULL, NULL, B_WIDTH_AS_USUAL, B_WARNING_ALERT);
|
||||||
|
alert->Go();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
userFileError(result, "Entries Directory",
|
||||||
|
"Couldn't open this folder because no path was specified.\n"
|
||||||
|
"Please select a new folder.",
|
||||||
|
"Couldn't open this folder because permission was denied.\n"
|
||||||
|
"This usually means that you don't have read permissions.\nPlease make "
|
||||||
|
"sure that your user has read-access to this folder.\nCheck your OS "
|
||||||
|
"documentation for more information.",
|
||||||
|
"There is not enough memory available on your system to access the "
|
||||||
|
"given path.\nPlease try closing a few applications and restarting Pogger.");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -23,6 +23,7 @@ enum
|
||||||
{
|
{
|
||||||
kEntryFolderText = 'txef',
|
kEntryFolderText = 'txef',
|
||||||
kEntryFolderBrowse = 'tbef',
|
kEntryFolderBrowse = 'tbef',
|
||||||
|
kEntryFolderPath = 'txep',
|
||||||
kOpenHtmlRadio = 'rdow',
|
kOpenHtmlRadio = 'rdow',
|
||||||
kOpenUrlRadio = 'roow',
|
kOpenUrlRadio = 'roow',
|
||||||
kOpenWithSelect = 'mnow',
|
kOpenWithSelect = 'mnow',
|
||||||
|
@ -42,11 +43,14 @@ private:
|
||||||
void _InitInterface();
|
void _InitInterface();
|
||||||
void _PopulateOpenWithMenu();
|
void _PopulateOpenWithMenu();
|
||||||
|
|
||||||
|
void _FileError(status_t result);
|
||||||
|
|
||||||
|
|
||||||
BBox* fSavingBox;
|
BBox* fSavingBox;
|
||||||
BStringView* fEntryFolderLabel;
|
BStringView* fEntryFolderLabel;
|
||||||
BTextControl* fEntryFolderText;
|
BTextControl* fEntryFolderText;
|
||||||
BButton* fEntryFolderBrowseButton;
|
BButton* fEntryFolderBrowseButton;
|
||||||
|
BFilePanel* fEntryFolderPanel;
|
||||||
|
|
||||||
BBox* fOpeningBox;
|
BBox* fOpeningBox;
|
||||||
BStringView* fOpenAsLabel;
|
BStringView* fOpenAsLabel;
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
|
|
||||||
#include "FeedEditWindow.h"
|
#include "FeedEditWindow.h"
|
||||||
|
|
||||||
|
#include <Alert.h>
|
||||||
#include <Button.h>
|
#include <Button.h>
|
||||||
#include <Message.h>
|
#include <Message.h>
|
||||||
#include <LayoutBuilder.h>
|
#include <LayoutBuilder.h>
|
||||||
|
@ -121,7 +122,7 @@ FeedEditWindow::_InitInterface()
|
||||||
.End();
|
.End();
|
||||||
}
|
}
|
||||||
|
|
||||||
#include <iostream>
|
|
||||||
void
|
void
|
||||||
FeedEditWindow::_SaveFeed()
|
FeedEditWindow::_SaveFeed()
|
||||||
{
|
{
|
||||||
|
@ -132,6 +133,24 @@ FeedEditWindow::_SaveFeed()
|
||||||
|
|
||||||
BString title(fFeedNameText->Text());
|
BString title(fFeedNameText->Text());
|
||||||
const char* urlString = fFeedUrlText->Text();
|
const char* urlString = fFeedUrlText->Text();
|
||||||
|
BUrl url = BUrl(urlString);
|
||||||
|
|
||||||
|
if (BString(urlString).IsEmpty() == true) {
|
||||||
|
BAlert* emptyAlert = new BAlert("Invalid Feed",
|
||||||
|
"Please enter a URL.", "OK", NULL, NULL,
|
||||||
|
B_WIDTH_AS_USUAL, B_OFFSET_SPACING, B_WARNING_ALERT);
|
||||||
|
emptyAlert->Go();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (url.IsValid() == false) {
|
||||||
|
BAlert* invAlert = new BAlert("Invalid Feed",
|
||||||
|
"The given URL is invalid. Please make sure you typed it in correctly.",
|
||||||
|
"OK", NULL, NULL, B_WIDTH_AS_USUAL, B_OFFSET_SPACING, B_WARNING_ALERT);
|
||||||
|
invAlert->Go();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
BString filename;
|
BString filename;
|
||||||
if (title.IsEmpty())
|
if (title.IsEmpty())
|
||||||
filename = BString(urlString);
|
filename = BString(urlString);
|
||||||
|
|
|
@ -5,10 +5,10 @@
|
||||||
|
|
||||||
#include "Preferences.h"
|
#include "Preferences.h"
|
||||||
|
|
||||||
#include <iostream>
|
|
||||||
|
|
||||||
#include <String.h>
|
#include <String.h>
|
||||||
|
|
||||||
|
#include "Util.h"
|
||||||
|
|
||||||
|
|
||||||
Preferences::Preferences() {
|
Preferences::Preferences() {
|
||||||
}
|
}
|
||||||
|
@ -27,9 +27,12 @@ Preferences::Load()
|
||||||
cfgPath.Append("Pogger");
|
cfgPath.Append("Pogger");
|
||||||
BString filename = BString(cfgPath.Path()).Append("/Settings");
|
BString filename = BString(cfgPath.Path()).Append("/Settings");
|
||||||
|
|
||||||
BFile file(filename.String(), B_READ_ONLY);
|
BFile file = BFile(filename.String(), B_READ_ONLY);
|
||||||
status_t result = file.InitCheck();
|
status_t result = file.InitCheck();
|
||||||
|
|
||||||
|
if (result == B_PERMISSION_DENIED || result == B_NO_MEMORY)
|
||||||
|
_FileError(result);
|
||||||
|
|
||||||
BMessage storage;
|
BMessage storage;
|
||||||
storage.Unflatten(&file);
|
storage.Unflatten(&file);
|
||||||
|
|
||||||
|
@ -68,8 +71,12 @@ Preferences::Save()
|
||||||
BMessage storage;
|
BMessage storage;
|
||||||
BString filename = BString(cfgPath.Path()).Append("/Settings");
|
BString filename = BString(cfgPath.Path()).Append("/Settings");
|
||||||
|
|
||||||
BFile file(filename.String(), B_WRITE_ONLY | B_CREATE_FILE | B_ERASE_FILE);
|
BFile file = BFile(filename.String(), B_WRITE_ONLY | B_CREATE_FILE | B_ERASE_FILE);
|
||||||
status_t result = file.InitCheck();
|
status_t result = file.InitCheck();
|
||||||
|
if (result != B_OK) {
|
||||||
|
_FileError(result);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
storage.AddString("entryDir", fEntryDir.String());
|
storage.AddString("entryDir", fEntryDir.String());
|
||||||
storage.AddString("openWith", fOpenWith.String());
|
storage.AddString("openWith", fOpenWith.String());
|
||||||
|
@ -128,7 +135,10 @@ Preferences::EntryDir()
|
||||||
status_t
|
status_t
|
||||||
Preferences::SetEntryDir(const char* path)
|
Preferences::SetEntryDir(const char* path)
|
||||||
{
|
{
|
||||||
status_t testStatus = BEntry(path).InitCheck();
|
status_t testStatus = BDirectory(path).InitCheck();
|
||||||
|
if (BDirectory(path).IsDirectory() == false)
|
||||||
|
return B_NOT_A_DIRECTORY;
|
||||||
|
|
||||||
if (testStatus == B_OK)
|
if (testStatus == B_OK)
|
||||||
fEntryDir = BString(path);
|
fEntryDir = BString(path);
|
||||||
return testStatus;
|
return testStatus;
|
||||||
|
@ -171,3 +181,28 @@ Preferences::SetEntryOpenAsHtml(bool asHtml)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void
|
||||||
|
Preferences::_FileError(status_t result)
|
||||||
|
{
|
||||||
|
BPath cfgPath;
|
||||||
|
find_directory(B_USER_SETTINGS_DIRECTORY, &cfgPath);
|
||||||
|
|
||||||
|
BString permLabel("Couldn't open the preferences file because permission "
|
||||||
|
"was denied.\nThis usually means that you don't have read permissions to "
|
||||||
|
"your settings directory.\nPlease make sure that your user has "
|
||||||
|
"read-access to your settings directory― likely %path%.\nCheck your OS "
|
||||||
|
"documentation for more information.");
|
||||||
|
permLabel.ReplaceAll("%path%", cfgPath.Path());
|
||||||
|
|
||||||
|
userFileError(result, "Preferences file",
|
||||||
|
"Couldn't open the preferences file because the path is not "
|
||||||
|
"specified.\nThis usually means that the programmer made a mistake.\n"
|
||||||
|
"Please submit a bug report to the Pogger repository on GitHub.\n"
|
||||||
|
"Your personal settings will not be loaded.",
|
||||||
|
permLabel.String(),
|
||||||
|
"There is not enough memory available on your system to load the "
|
||||||
|
"preferences file.\nPlease try closing a few applications and restarting "
|
||||||
|
"Pogger.");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -49,6 +49,8 @@ public:
|
||||||
int32 fTabSelection;
|
int32 fTabSelection;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
void _FileError(status_t result);
|
||||||
|
|
||||||
int8 fUpdateInterval;
|
int8 fUpdateInterval;
|
||||||
|
|
||||||
BString fEntryDir;
|
BString fEntryDir;
|
||||||
|
|
30
src/Util.cpp
30
src/Util.cpp
|
@ -9,6 +9,7 @@
|
||||||
#include <iostream>
|
#include <iostream>
|
||||||
#include <iomanip>
|
#include <iomanip>
|
||||||
|
|
||||||
|
#include <Alert.h>
|
||||||
#include <Application.h>
|
#include <Application.h>
|
||||||
#include <Bitmap.h>
|
#include <Bitmap.h>
|
||||||
#include <Directory.h>
|
#include <Directory.h>
|
||||||
|
@ -165,8 +166,35 @@ fetch(BUrl url, BDataIO* reply, BString* hash, int timeout)
|
||||||
|
|
||||||
|
|
||||||
void
|
void
|
||||||
userFileError(status_t status, const char* path)
|
userFileError(status_t status, const char* title, const char* bad_value,
|
||||||
|
const char* perm_denied, const char* no_memory)
|
||||||
{
|
{
|
||||||
|
BString label;
|
||||||
|
|
||||||
|
switch (status) {
|
||||||
|
case B_BAD_VALUE:
|
||||||
|
{
|
||||||
|
label = bad_value;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case B_READ_ONLY_DEVICE:
|
||||||
|
case B_PERMISSION_DENIED:
|
||||||
|
{
|
||||||
|
label = perm_denied;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case B_NO_MEMORY:
|
||||||
|
{
|
||||||
|
label = no_memory;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
BAlert* alert = new BAlert(title, label.String(), "OK", NULL, NULL,
|
||||||
|
B_WIDTH_AS_USUAL, B_WARNING_ALERT);
|
||||||
|
alert->Go();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -31,15 +31,19 @@ const char* tempFileName(const char* dir, const char* name, const char* suffix);
|
||||||
|
|
||||||
int32 fetch(BUrl url, BDataIO* reply, BString* hash, int timeout);
|
int32 fetch(BUrl url, BDataIO* reply, BString* hash, int timeout);
|
||||||
|
|
||||||
void userFileError(status_t status, const char* path);
|
// The strings passed to this function are adapted from those in
|
||||||
|
// Calendar (utils/Preferences.cpp).
|
||||||
|
void userFileError(status_t status, const char* title, const char* bad_value,
|
||||||
|
const char* perm_denied, const char* no_memory);
|
||||||
|
|
||||||
// Takes a (probably invalid) bit of HTML and adds necessary elements in a
|
// Takes a (probably invalid) bit of HTML and adds necessary elements in a
|
||||||
// temporary copy. Returns an entry_ref to said temporary copy.
|
// temporary copy. Returns an entry_ref to said temporary copy.
|
||||||
entry_ref tempHtmlFile(entry_ref* ref, const char* title);
|
entry_ref tempHtmlFile(entry_ref* ref, const char* title);
|
||||||
|
|
||||||
// Ripped from Calendar (utils/ResourceLoader.cpp)
|
// Also ripped from Calendar (utils/ResourceLoader.cpp)
|
||||||
BBitmap* loadVectorIcon(const char* name, int32 iconSize = 32,
|
BBitmap* loadVectorIcon(const char* name, int32 iconSize = 32,
|
||||||
int32 cropSize = 22);
|
int32 cropSize = 22);
|
||||||
|
|
||||||
|
|
||||||
#endif // UTIL_H
|
#endif // UTIL_H
|
||||||
|
|
||||||
|
|
Ŝarĝante…
Reference in New Issue