Merge pull request #688 from jubalh/master

Check for single apostrophe in OpenURL()
před 6 roky · ffcd13bd9f
--- a/src/core.c
+++ b/src/core.c
@ -1828,24 +1828,10 @@ void OpenURL(const char *url)
 {
    // Small security check trying to avoid (partially) malicious code... 
    // sorry for the inconvenience when you hit this point...
    bool validUrl = true;
    int len = strlen(url);
    
    for (int i = 0; i < len; i++) 
    {
        if ((url[i] == ';') || 
            (url[i] == '?') || 
            (url[i] == ':') || 
            (url[i] == '=') || 
            (url[i] == '&')) 
        {
            validUrl = false;
            break;
        }
    }
    
    if (validUrl)
    if (strchr(url, '\'') != NULL)
    {
        TraceLog(LOG_WARNING, "Provided URL does not seem to be valid.");
    } else {
        char *cmd = calloc(strlen(url) + 10, sizeof(char));

 #if defined(_WIN32)
@ -1856,10 +1842,9 @@ void OpenURL(const char *url)
        sprintf(cmd, "open '%s'", url);
 #endif
        system(cmd);
    

        free(cmd);
    }
    else TraceLog(LOG_WARNING, "Provided URL does not seem to be valid.");
 }

 //----------------------------------------------------------------------------------