diff options
| author | Ray <raysan5@gmail.com> | 2018-11-13 15:03:24 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-11-13 15:03:24 +0100 |
| commit | ffcd13bd9fea0829ff5daf9f4e4479f551ba9dd4 (patch) | |
| tree | 45b3e2910abd0ff8b63f8fb8cefc98c54e306da2 | |
| parent | 618f220851570f2bb9ea0bb354a65e92c6d06968 (diff) | |
| parent | 8f70c3baed04e07e21a82ac39d64cbc4d2952ee9 (diff) | |
| download | raylib-ffcd13bd9fea0829ff5daf9f4e4479f551ba9dd4.tar.gz raylib-ffcd13bd9fea0829ff5daf9f4e4479f551ba9dd4.zip | |
Merge pull request #688 from jubalh/master
Check for single apostrophe in OpenURL()
| -rw-r--r-- | src/core.c | 23 |
1 files changed, 4 insertions, 19 deletions
@@ -1828,24 +1828,10 @@ void OpenURL(const char *url) { // Small security check trying to avoid (partially) malicious code... // sorry for the inconvenience when you hit this point... - bool validUrl = true; - int len = strlen(url); - - for (int i = 0; i < len; i++) - { - if ((url[i] == ';') || - (url[i] == '?') || - (url[i] == ':') || - (url[i] == '=') || - (url[i] == '&')) - { - validUrl = false; - break; - } - } - - if (validUrl) + if (strchr(url, '\'') != NULL) { + TraceLog(LOG_WARNING, "Provided URL does not seem to be valid."); + } else { char *cmd = calloc(strlen(url) + 10, sizeof(char)); #if defined(_WIN32) @@ -1856,10 +1842,9 @@ void OpenURL(const char *url) sprintf(cmd, "open '%s'", url); #endif system(cmd); - + free(cmd); } - else TraceLog(LOG_WARNING, "Provided URL does not seem to be valid."); } //---------------------------------------------------------------------------------- |