/pidgin/main: 3ce33bc98c02: Fix HTML injection bug in GtkIMHtml.
Sa?l Hidalgo
saulhidalgo31 at gmail.com
Sun Jan 27 19:31:13 EST 2013
Changeset: 3ce33bc98c027ba50cdadfa5a68b9311020be042
Author: Sa?l Hidalgo <saulhidalgo31 at gmail.com>
Date: 2013-01-27 17:26 -0500
Branch: release-2.x.y
URL: http://hg.pidgin.im/pidgin/main/rev/3ce33bc98c02
Description:
Fix HTML injection bug in GtkIMHtml.
Fixes #13189.
diffstat:
pidgin/gtkimhtml.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diffs (15 lines):
diff --git a/pidgin/gtkimhtml.c b/pidgin/gtkimhtml.c
--- a/pidgin/gtkimhtml.c
+++ b/pidgin/gtkimhtml.c
@@ -5109,8 +5109,10 @@ static const gchar *tag_to_html_start(Gt
} else if (strncmp(name, "LINK ", 5) == 0) {
char *tmp = g_object_get_data(G_OBJECT(tag), "link_url");
if (tmp) {
- g_snprintf(buf, sizeof(buf), "<a href=\"%s\">", tmp);
+ gchar *escaped = purple_markup_escape_text(tmp, -1);
+ g_snprintf(buf, sizeof(buf), "<a href=\"%s\">", escaped);
buf[sizeof(buf)-1] = '\0';
+ g_free(escaped);
return buf;
} else {
return "";
More information about the Commits
mailing list