compose.c: fix untrusted source issue

[platform/upstream/libxkbcommon.git] / test / compose.c

diff --git a/test/compose.c b/test/compose.c
index 5e7cba0..4eda30b 100644 (file)
--- a/test/compose.c
+++ b/test/compose.c
@@ -684,6 +684,21 @@ test_traverse(struct xkb_context *ctx)
     xkb_compose_table_unref(table);
 }
 
+static void
+test_escape_sequences(struct xkb_context *ctx)
+{
+    /* The following escape sequences should be ignored:
+     * • \401 overflows
+     * • \0 and \x0 produce NULL
+     */
+    const char *table_string = "<o> <e> : \"\\401f\\x0o\\0o\" X\n";
+
+    assert(test_compose_seq_buffer(ctx, table_string,
+        XKB_KEY_o, XKB_COMPOSE_FEED_ACCEPTED, XKB_COMPOSE_COMPOSING,  "",     XKB_KEY_NoSymbol,
+        XKB_KEY_e, XKB_COMPOSE_FEED_ACCEPTED, XKB_COMPOSE_COMPOSED,   "foo",  XKB_KEY_X,
+        XKB_KEY_NoSymbol));
+}
+
 int
 main(int argc, char *argv[])
 {
@@ -698,9 +713,10 @@ main(int argc, char *argv[])
      * explicitely when necessary.
      */
 #ifdef __linux__
-    const char *srcdir = getenv("top_srcdir");
+    const char *srcdir = secure_getenv("top_srcdir");
     clearenv();
-    setenv("top_srcdir", srcdir, 1);
+    if (srcdir)
+        setenv("top_srcdir", srcdir, 1);
 #else
     unsetenv("XCOMPOSEFILE");
     unsetenv("XDG_CONFIG_HOME");
@@ -717,6 +733,7 @@ main(int argc, char *argv[])
     test_include(ctx);
     test_override(ctx);
     test_traverse(ctx);
+    test_escape_sequences(ctx);
 
     xkb_context_unref(ctx);
     return 0;