GNOME Bugzilla – Bug 674848
Crash if you paste long malformed url
Last modified: 2012-05-08 09:52:57 UTC
Created attachment 212853
Example File
OS: Fedora 17 x86_64 up-to-date Beta & Epiphany 3.4.1
Title says it all. If you paste a malformed URL to the URL bar, Epiphany will crash.
How to reproduce
1. Open the attachment with Epiphany
2. Right click on the icon that indicates that the image failed to load and copy the URL
3. Paste the URL into the URL bar and Epiphany will crash
Created attachment 212964
ephy-history-service: trim query strings to avoid reaching sqlite limit
Sqlite limits the length of a LIKE pattern to 50000 bytes, therefore we need to make sure that longer strings are not used as queries.
Review of attachment 212964: Sure, makes sense, but I think you could make a small helper method to get the prefix plus the % stuff, since you do this three times in different places.
Orthogonal to the bug fix.. in a similar fashion there are other steps from the query construction that could be factored out, but since the queries are not exactly the same I'm afraid it would only make it more confusing.
(In reply to comment #3)
> Orthogonal to the bug fix.. in a similar fashion there are other steps from the
> query construction that could be factored out, but since the queries are not
> exactly the same I'm afraid it would only make it more confusing.
I think it will make the patch much simpler, really. You can just replace each:
- char *string = g_strdup_printf ("%%%s%%", (char*)substring->data);
with a
+ char *string = ephy_create_query_string ("%%%s%%", (char*)substring->data)
which does the 50k prefix thing and then prints to a string that it returns. One method defined, and then the diff in each file is one liner.
Notice that the 50000 limit only applies to LIKE parameters, not to any query string. Therefore, we can avoid passing the "%%s%%" as a parameter, granted that we don't use LIKE constructs in any other way in the future (I doubt we will ever need to).
Created attachment 213296
ephy-history-service: trim query strings to avoid reaching sqlite limit
Sqlite limits the length of a LIKE pattern to 50000 bytes, therefore we need to make sure that longer strings are not used as queries.
Review of attachment 213296: I'd make the parameter const char* and get rid of the casts everywhere. Looks great otherwise. Can go to both branches.
Attachment 213296 pushed as 936e759 - ephy-history-service: trim query strings to avoid reaching sqlite limit
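
The limit discussed in this thread, reproduced against SQLite itself as an added example (Python's `sqlite3` module, not Epiphany's C code or the pushed patch): an over-long bound LIKE pattern is rejected, a pattern trimmed to the limit runs, and the same long value as an `=` parameter is unaffected. The `urls` table and the helper names are hypothetical, the pasted URL is constructed, and the 50000-byte figure assumes SQLite's default build.

```python
import sqlite3

# Assumption: SQLite's default SQLITE_MAX_LIKE_PATTERN_LENGTH (50000 bytes),
# the figure quoted in the thread; a custom build may differ.
LIKE_PATTERN_LIMIT = 50000


def like_pattern(substring: str, limit: int = LIKE_PATTERN_LIMIT) -> str:
    """Return '%substring%' trimmed so the UTF-8 pattern fits within limit bytes."""
    budget = limit - 2  # two bytes go to the leading and trailing '%'
    raw = substring.encode("utf-8")[:budget]
    # errors="ignore" drops a multi-byte character cut in half by the slice.
    return "%" + raw.decode("utf-8", errors="ignore") + "%"


def open_history() -> sqlite3.Connection:
    """In-memory stand-in for a history table (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE urls (url TEXT)")
    conn.execute("INSERT INTO urls VALUES ('http://example.org/index.html')")
    return conn


def search(conn, pattern):
    """Run a parameterised LIKE query; return matches or the SQLite error text."""
    try:
        rows = conn.execute("SELECT url FROM urls WHERE url LIKE ?", (pattern,))
        return [r[0] for r in rows]
    except sqlite3.OperationalError as exc:
        # An unhandled error here is what turns a pasted URL into a crash.
        return f"error: {exc}"


def exact(conn, value):
    """Same long value as an '=' parameter: the LIKE limit does not apply."""
    return conn.execute("SELECT url FROM urls WHERE url = ?", (value,)).fetchall()


if __name__ == "__main__":
    conn = open_history()
    pasted = "http://example.org/?q=" + "A" * 60000  # constructed over-long URL
    print(search(conn, "%" + pasted + "%"))    # untrimmed: rejected by SQLite
    print(search(conn, like_pattern(pasted)))  # trimmed: runs, no match
    print(search(conn, like_pattern("example.org")))
    print(exact(conn, pasted))
```

The trimming counts bytes rather than characters because SQLite measures the pattern in bytes, and the `%` wildcards count toward the same budget.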