GNOME Bugzilla – Bug 306289
Window titles used as Pango markup are not escaped
Last modified: 2007-02-22 11:18:53 UTC
libwnck leaks Pango markup from window titles up to the window selector widget. Please note that this bug allows a remote annoyer to crash the window menu applet, for instance by inserting malicious Pango markup into the title of a web page (for a demonstration, visit http://people.freebsd.org/~jylefort/libwnck-test.html then click on the window selector icon in your panel). The fix is attached.
Created attachment 47149: escapes window titles when they are used as Pango markup
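The escaping approach named by the first attachment, as an added example that is not the attached patch or libwnck code: a stand-alone C escaper for the five markup metacharacters, applied to a constructed title before it is wrapped in bold markup. `escape_markup` and `bold_markup_for_title` are hypothetical names and the `<b>` wrapper is an assumption about how a selector builds its label; GLib code would call `g_markup_escape_text()` instead.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Entity for a markup metacharacter, or NULL if c needs no escaping. */
static const char *entity_for(char c) {
    switch (c) {
    case '&':  return "&amp;";
    case '<':  return "&lt;";
    case '>':  return "&gt;";
    case '"':  return "&quot;";
    case '\'': return "&apos;";
    default:   return NULL;
    }
}

/* Return a malloc'd copy of text with metacharacters escaped (NULL on OOM). */
char *escape_markup(const char *text) {
    size_t need = 1;                       /* terminating NUL */
    for (const char *p = text; *p; p++)
        need += entity_for(*p) ? strlen(entity_for(*p)) : 1;
    char *out = malloc(need);
    if (out == NULL) return NULL;
    char *w = out;
    for (const char *p = text; *p; p++) {
        const char *e = entity_for(*p);
        if (e) { memcpy(w, e, strlen(e)); w += strlen(e); }
        else   { *w++ = *p; }
    }
    *w = '\0';
    return out;
}

/* Hypothetical helper (assumed "<b>" wrapper): markup for an untrusted title. */
char *bold_markup_for_title(const char *title) {
    char *esc = escape_markup(title);
    if (esc == NULL) return NULL;
    size_t len = strlen(esc) + sizeof "<b></b>";   /* sizeof counts the NUL */
    char *m = malloc(len);
    if (m != NULL) snprintf(m, len, "<b>%s</b>", esc);
    free(esc);
    return m;
}

int main(void) {
    char *m = bold_markup_for_title("News </b><i & more"); /* constructed title */
    if (m == NULL) return 1;
    puts(m);
    free(m);
    return 0;
}
```

The title's own `</b>` and `<i` reach the markup parser as text, so the only tags in the result are the ones the widget added.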
Thanks for catching this. The patch works, but I'm wondering if for consistency we should fix this by not using markup; in tasklist.c we have the following code:
    text = wnck_task_get_text (task);
    if (text != NULL)
      {
        gtk_label_set_text (GTK_LABEL (task->label), text);
        if (wnck_task_get_demands_attention (task))
          {
            make_gtk_label_bold ((GTK_LABEL (task->label)));
            wnck_task_queue_glow (task);
          }
        else
          {
            make_gtk_label_normal ((GTK_LABEL (task->label)));
            wnck_task_stop_glow (task);
          }
(where make_gtk_label_* are local functions that use pango_font_description_set_weight), while in selector.c we have
    window_name = wnck_selector_get_window_name (window);
    gtk_label_set_text (GTK_LABEL (item->label), window_name);
where wnck_selector_get_window_name() returns a string that possibly contains markup. (The lack of glowing in selector.c is part of bug 305979...)
Havoc, Mark, Vincent: thoughts?
agreed, it's better to make things bold via the make_gtk_label route probably
*** Bug 324649 has been marked as a duplicate of this bug. ***
Created attachment 56256: Updated patch following the tasklist.c route
Here is an updated patch that mimics the logic in tasklist.c.
Vincent: thanks for the patch, but it would really make more sense to have only one make_gtk_label_bold() and one make_gtk_label_normal(). Maybe putting them in util.[ch] is better ;-)
Sorry for being slow to get back to you after asking you if you could fix this, Vincent. Thanks to Vincent for responding for me. Anyway, that patch works well and looks good to me other than the thing Vincent pointed out. I have to disagree about util.h, though, as that turns out to be publicly exported API (automatically included from libwnck.h too). I'm not sure what the right place is--maybe private.h + util.c? Maybe Vincent/Mark/Havoc knows the right place?
private.h + util.c looks okay to me.
I did the trivial move of make_gtk_label_* to util.c/private.h and then committed. Thanks for the work, jylefort and Vincent! Sorry for taking so long...
*** Bug 313881 has been marked as a duplicate of this bug. ***