diff options
Diffstat (limited to 'os/utils.c')
-rw-r--r-- | os/utils.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/os/utils.c b/os/utils.c index 6f83a089b..dc18a67b1 100644 --- a/os/utils.c +++ b/os/utils.c @@ -600,6 +600,10 @@ UseMsg(void) static int VerifyDisplayName(const char *d) { + int i; + int period_found = FALSE; + int after_period = 0; + if (d == (char *) 0) return 0; /* null */ if (*d == '\0') @@ -610,6 +614,29 @@ VerifyDisplayName(const char *d) return 0; /* must not equal "." or ".." */ if (strchr(d, '/') != (char *) 0) return 0; /* very important!!! */ + + /* Since we run atoi() on the display later, only allow + for digits, or exception of :0.0 and similar (two decimal points max) + */ + for (i = 0; i < strlen(d); i++) { + if (!isdigit(d[i])) { + if (d[i] != '.' || period_found) + return 0; + period_found = TRUE; + } else if (period_found) + after_period++; + + if (after_period > 2) + return 0; + } + + /* don't allow for :0. */ + if (period_found && after_period == 0) + return 0; + + if (atol(d) > INT_MAX) + return 0; + return 1; } |