mirrors/mc
1
0
Fork 0
mirror of https://github.com/MidnightCommander/mc synced 2024-12-22 12:32:40 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '4620_use_after_free'

Browse Source 
* 4620_use_after_free:
  Ticket #5621: (add_new_entry_cmd): fix Use-after-free.
  Ticket #4620: (sftpfs_fill_connection_data_from_config): fix use-after-free.
This commit is contained in:
Andrew Borodin 2024-12-21 19:14:34 +03:00
commit c4af7f0611
2 changed files with 15 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/filemanager/hotlist.c
View File

@ -995,14 +995,14 @@ add2hotlist (char *label, char *directory, enum HotListType type, listbox_append
static int static int
add_new_entry_input (const char *header, const char *text1, const char *text2, add_new_entry_input (const char *header, const char *text1, const char *text2,
const char *help, char **r1, char **r2) const char *help, const char *def_text, char **r1, char **r2)
{ {
quick_widget_t quick_widgets[] = { quick_widget_t quick_widgets[] = {
/* *INDENT-OFF* */ /* *INDENT-OFF* */
QUICK_LABELED_INPUT (text1, input_label_above, *r1, "input-lbl", r1, NULL, QUICK_LABELED_INPUT (text1, input_label_above, def_text, "input-lbl", r1, NULL,
FALSE, FALSE, INPUT_COMPLETE_NONE), FALSE, FALSE, INPUT_COMPLETE_NONE),
QUICK_SEPARATOR (FALSE), QUICK_SEPARATOR (FALSE),
QUICK_LABELED_INPUT (text2, input_label_above, *r2, "input-lbl", r2, NULL, QUICK_LABELED_INPUT (text2, input_label_above, def_text, "input-lbl", r2, NULL,
FALSE, FALSE, INPUT_COMPLETE_FILENAMES | INPUT_COMPLETE_CD), FALSE, FALSE, INPUT_COMPLETE_FILENAMES | INPUT_COMPLETE_CD),
QUICK_START_BUTTONS (TRUE, TRUE), QUICK_START_BUTTONS (TRUE, TRUE),
QUICK_BUTTON (N_("&Append"), B_APPEND, NULL, NULL), QUICK_BUTTON (N_("&Append"), B_APPEND, NULL, NULL),
@ -1019,11 +1019,7 @@ add_new_entry_input (const char *header, const char *text1, const char *text2,
quick_widgets, NULL, NULL quick_widgets, NULL, NULL
}; };
int ret; return quick_dialog (&qdlg);
ret = quick_dialog (&qdlg);
return (ret != B_CANCEL) ? ret : 0;
} }
/* --------------------------------------------------------------------------------------------- */ /* --------------------------------------------------------------------------------------------- */
@ -1031,19 +1027,18 @@ add_new_entry_input (const char *header, const char *text1, const char *text2,
static void static void
add_new_entry_cmd (WPanel *panel) add_new_entry_cmd (WPanel *panel)
{ {
char *title, *url, *to_free; char *def_text;
char *title = NULL;
char *url = NULL;
int ret; int ret;
/* Take current directory as default value for input fields */ /* Take current directory as default value for input fields */
to_free = title = url = vfs_path_to_str_flags (panel->cwd_vpath, 0, VPF_STRIP_PASSWORD); def_text = vfs_path_to_str_flags (panel->cwd_vpath, 0, VPF_STRIP_PASSWORD);
ret = add_new_entry_input (_("New hotlist entry"), _("Directory label:"), ret = add_new_entry_input (_("New hotlist entry"), _("Directory label:"),
_("Directory path:"), "[Hotlist]", &title, &url); _("Directory path:"), "[Hotlist]", def_text, &title, &url);
g_free (to_free); g_free (def_text);
if (ret == 0) if (ret == B_CANCEL || title == NULL || *title == '\0' || url == NULL || *url == '\0')
return;
if (title == NULL || *title == '\0' || url == NULL || *url == '\0')
{ {
g_free (title); g_free (title);
g_free (url); g_free (url);

5
src/vfs/sftpfs/config_parser.c
View File

@ -393,9 +393,12 @@ sftpfs_fill_connection_data_from_config (struct vfs_s_super *super, GError **mce
if (config_entity->real_host != NULL) if (config_entity->real_host != NULL)
{ {
g_free (super->path_element->host); char *tmp_str = super->path_element->host;
super->path_element->host = super->path_element->host =
sftpsfs_expand_hostname (super->path_element->host, config_entity->real_host); sftpsfs_expand_hostname (super->path_element->host, config_entity->real_host);
g_free (tmp_str);
} }
if (config_entity->identity_file != NULL) if (config_entity->identity_file != NULL)