Mercurial > octave-nkf
diff libinterp/corefcn/urlwrite.cc @ 19437:03067dab10ca
Use stricter input validation when looking for a string as input (bug #42651).
* data.cc (get_sort_mode_option, Fissorted): Use is_string() to check string
input.
* debug.cc (Fdbstep): use "string" rather than "character string" in error
messages.
* error.cc (Flasterr, Flastwarn): use "string" rather than "character string"
in error messages.
* file-io.cc (do_stream_open, do_fread, do_fwrite, Fpopen, Ftempname,
Fmkstemp): Use is_string() to check string input.
* graphics.cc (Fgraphics_toolkit): Use is_string() to check string input.
Rephrase error message.
* help.cc (F__list_functions): Use is_string() to check string input.
* input.cc (Fyes_or_no): Use is_string() to check string input. Rephrase
error message.
* input.cc (Fadd_input_event_hook): Rephrase error message.
* load-path.cc (Fgenpath, Faddpath): Rephrase error message.
* matrix_type.cc (Fmatrix_type): Use is_string() to check string input.
* qz.cc (Fqz): Follow Octave coding convention for space after '!'.
* regexp.cc (parse_options): Use is_string() to check string input.
Rephrase error message.
* schur.cc (Fschur): Use is_string() to check string input.
* strfns.cc (Flist_in_columns): Use is_string() to check string input.
Rephrase error message.
* symtab.cc (Fignore_function_time_stamp): Use is_string() to check string
input. Rephrase error message.
* syscalls.cc (Fexec, Fpopen2, Fcanonicalize_file_name): Use is_string() to
check string input. Rephrase error message.
* sysdep.cc (Fsetenv): Use is_string() to check string input.
* time.cc (Fstrftime, Fstrptime): Use is_string() to check string input.
* toplev.cc (Fsystem, Fatexit): Use is_string() to check string input.
* urlwrite.cc (Furlwrite, Furlread): Rephrase error message.
* utils.cc (Ffile_in_path): Use is_string() to check string input. Rephrase
error message.
* variables.cc (extract_function): Add FIXME about potentially using is_string.
* variables.cc (do_isglobal, Fmunlock, Fmislocked): Use is_string() to check
string input.
* variables.cc (set_internal_variable): Rephrase error message.
* ov-base.cc (make_idx_args): Rephrase error message.
* ov-class.cc (octave_class::all_strings, Fclass): Rephrase error message.
* ov-fcn-handle.cc (Fstr2func): Use is_string() to check string input
* ov-java.cc (FjavaObject, FjavaMethod, F__java_get__, F__java_set__):
Use is_string() to check string input.
* ov.cc (Fdecode_subscripts): Use is_string() to check string input.
Rephrase error message.
* pt-idx.cc (tree_index_expression::get_struct_index): Rephrase error message.
* io.tst: Change %!warning test to %!error test to match stricter checking.
* system.tst: Change %!warning test for setenv to %!error test to match
stricter checking.
| author | Rik <rik@octave.org> |
|---|---|
| date | Tue, 16 Dec 2014 09:21:29 -0800 |
| parents | 6443693a176f |
| children | c2f4f6eb5907 |
line wrap: on
line diff
--- a/libinterp/corefcn/urlwrite.cc Mon Dec 15 22:16:25 2014 -0800 +++ b/libinterp/corefcn/urlwrite.cc Tue Dec 16 09:21:29 2014 -0800 @@ -350,16 +350,17 @@ if (error_state) { - error ("urlwrite: URL must be a character string"); + error ("urlwrite: URL must be a string"); return retval; } // name to store the file if download is succesful + // FIXME: Maybe use is_string () for better input validation. std::string filename = args(1).string_value (); if (error_state) { - error ("urlwrite: LOCALFILE must be a character string"); + error ("urlwrite: LOCALFILE must be a string"); return retval; } @@ -370,13 +371,7 @@ { method = args(2).string_value (); - if (error_state) - { - error ("urlwrite: METHOD must be \"get\" or \"post\""); - return retval; - } - - if (method != "get" && method != "post") + if (error_state || (method != "get" && method != "post")) { error ("urlwrite: METHOD must be \"get\" or \"post\""); return retval; @@ -386,11 +381,10 @@ if (error_state) { - error ("urlwrite: parameters (PARAM) for get and post requests must be given as a cell array of character strings"); + error ("urlwrite: parameters (PARAM) for get and post requests must be given as a cell array of strings"); return retval; } - if (param.numel () % 2 == 1) { error ("urlwrite: number of elements in PARAM must be even"); @@ -498,17 +492,18 @@ int nargin = args.length (); // verify arguments - if (nargin != 1 && nargin != 3) + if (nargin != 1 && nargin != 3) { print_usage (); return retval; } + // FIXME: Maybe use is_string () for better input validation. std::string url = args(0).string_value (); if (error_state) { - error ("urlread: URL must be a character string"); + error ("urlread: URL must be a string"); return retval; } @@ -517,15 +512,10 @@ if (nargin == 3) { + // FIXME: Maybe use is_string () for better input validation. method = args(1).string_value (); - if (error_state) - { - error ("urlread: METHOD must be \"get\" or \"post\""); - return retval; - } - - if (method != "get" && method != "post") + if (error_state || (method != "get" && method != "post")) { error ("urlread: METHOD must be \"get\" or \"post\""); return retval; @@ -535,7 +525,7 @@ if (error_state) { - error ("urlread: parameters (PARAM) for get and post requests must be given as a cell array of character strings"); + error ("urlread: parameters (PARAM) for get and post requests must be given as a cell array of strings"); return retval; }