Branch: Tag:

2011-01-20

2011-01-20 23:49:17 by 0

Reject empty paths in various graphics tag attributes if compat_level is
5.2 or higher. Fixes [bug 5791 (#5791)].

Rev: server/etc/modules/LazyImage.pmod/module.pmod:1.25
Rev: server/modules/graphics/gbutton.pike:1.125
Rev: server/modules/graphics/graphic_text.pike:1.314

27:   // must also be aligned left or right.       - constant cvs_version = "$Id: gbutton.pike,v 1.124 2010/04/27 13:36:56 grubba Exp $"; + constant cvs_version = "$Id: gbutton.pike,v 1.125 2011/01/20 23:49:17 jonasw Exp $";   constant thread_safe = 1;      #include <module.h>
224:   </attr>";   #endif    + // Cached copy of conf->query("compat_level"). This setting is defined + // to require a module reload to take effect so we only query it when + // the module instance is created. + float compat_level = (float) my_configuration()->query("compat_level"); +    function TIMER( function f )   {   #if 0
838:   // int t = gethrtime();    string fi = (args["frame-image"] ||    id->misc->defines["gbutton-frame-image"]); -  if( fi ) +  if( fi ) { +  // Reject empty file paths for sufficiently high compat_level +  if (fi == "" && compat_level >= 5.2) +  RXML.parse_error("Empty frame-image attribute not allowed."); +     fi = Roxen.fix_relative( fi, id ); -  +  }    m_delete(args, "frame-image");       // Harmonize some attribute names to RXML standards...
851:    m_delete(args, "icon-data");    m_delete(args, "align-icon");    +  if (args->icon_src == "" && compat_level >= 5.2) +  RXML.parse_error("Empty icon-src attribute not allowed."); +     mapping new_args =    ([    "pagebg" :parse_color(args->pagebgcolor ||