Fix defects detected by static analysis tool

[platform/core/uifw/isf.git] / ism / src / scim_helper_launcher.cpp

diff --git a/ism/src/scim_helper_launcher.cpp b/ism/src/scim_helper_launcher.cpp
index 5e16524..ad720f2 100644 (file)
--- a/ism/src/scim_helper_launcher.cpp
+++ b/ism/src/scim_helper_launcher.cpp
@@ -36,9 +36,38 @@
 #include "scim_private.h"
 #include "scim.h"
 #include <unistd.h>
+#include <string.h>
 
 using namespace scim;
 
+static String sanitize_string (const char *str, int maxlen = 32)
+{
+    String ret;
+    static char acceptables[] =
+        "abcdefghijklmnopqrstuvwxyz"
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+        "1234567890_-.@:";
+
+    char *newstr = NULL;
+    if (maxlen > 0) {
+        newstr = new char[maxlen + 1];
+    }
+    int len = 0;
+    if (newstr) {
+        memset (newstr, 0x00, sizeof (char) * (maxlen + 1));
+
+        if (str) {
+            while (len < maxlen && str[len] != '\0' && strchr (acceptables, str[len]) != NULL) {
+                newstr[len] = str[len];
+                len++;
+            }
+            ret = newstr;
+        }
+        delete [] newstr;
+    }
+    return ret;
+}
+
 int main (int argc, char *argv [])
 {
     int i = 0;
@@ -130,7 +159,7 @@ int main (int argc, char *argv [])
                 std::cerr << "No argument for option " << argv [i-1] << "\n";
                 return -1;
             }
-            DebugOutput::set_output (String (argv [i]));
+            DebugOutput::set_output (sanitize_string (argv [i]));
             continue;
         }
 
@@ -145,7 +174,7 @@ int main (int argc, char *argv [])
         }
     }
 
-    String exec = argv[0];
+    String exec = sanitize_string (argv[0]);
 
     if (exec != String (SCIM_HELPER_LAUNCHER_PROGRAM)) {
         /* 3rd party shared object type IME */