This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository enventor.
View the commit online.
commit 31e21fab5f56d6db15776b573d655af654a035cb
Author: Thanatermesis <[email protected]>
AuthorDate: Mon Feb 23 15:58:23 2026 -0500
fix: Improve robustness and prevent leaks in search functions
I have identified several issues in src/bin/search.c:
1 Memory Leak: In replace_all_proc, text is retrieved from enventor_item_text_get. While it's unclear if the library requires freeing this specific pointer, the utf8 string
converted via elm_entry_markup_to_utf8 is correctly freed, but the loop logic for replacement could be more robust.
2 Logic Error: In find_forward_proc and find_backward_proc, elm_entry_markup_to_utf8 is called on text which is already potentially UTF-8 or raw text from the editor. More
importantly, the pos increment logic in find_forward_proc (sd->pos++) can lead to skipping characters or out-of-bounds access if not careful with string lengths.
3 Potential Crash/Memory Leak: The keygrabber rectangle is created but never explicitly deleted in search_close, although it's a child of the window so it will be cleaned up.
However, the grab should technically be released or managed.
4 Logical Consistency: In replace_all_proc, the manual selection and insertion loop inside a C string iteration doesn't account for the fact that enventor_item_text_insert
might change the underlying document, potentially invalidating the utf8 buffer pointer or offsets if the length changes.
Here are the fixes:
---
src/bin/search.c | 23 ++++++++++++++++++-----
1 file changed, 18 insertions(+), 5 deletions(-)
diff --git a/src/bin/search.c b/src/bin/search.c
index b66f5d9..8d8377c 100644
--- a/src/bin/search.c
+++ b/src/bin/search.c
@@ -77,7 +77,9 @@ replace_all_proc(search_data *sd)
int replace_cnt = 0;
const char *text = enventor_item_text_get(sd->it);
+ if (!text) return;
char *utf8 = elm_entry_markup_to_utf8(text);
+ if (!utf8) return;
char *s = utf8;
int pos;
@@ -127,13 +129,17 @@ find_forward_proc(search_data *sd)
const char *text = enventor_item_text_get(sd->it);
if (!text) return;
char *utf8 = elm_entry_markup_to_utf8(text);
+ if (!utf8) return;
+
+ int utf8_len = strlen(utf8);
//get the character position begun with searching.
if (sd->pos == -1) sd->pos = enventor_item_cursor_pos_get(sd->it);
else if (sd->pos == 0) need_iterate = EINA_FALSE;
- else sd->pos++;
+ else if (sd->pos < utf8_len) sd->pos++;
- char *s = strstr((utf8 + sd->pos), find);
+ char *s = NULL;
+ if (sd->pos < utf8_len) s = strstr((utf8 + sd->pos), find);
//No found
if (!s)
@@ -175,6 +181,9 @@ find_backward_proc(search_data *sd)
const char *text = enventor_item_text_get(sd->it);
if (!text) return;
char *utf8 = elm_entry_markup_to_utf8(text);
+ if (!utf8) return;
+
+ len = strlen(utf8);
//get the character position begun with searching.
if (sd->pos == -1)
@@ -183,8 +192,7 @@ find_backward_proc(search_data *sd)
}
else
{
- len = strlen(utf8);
- if (sd->pos == len) need_iterate = EINA_FALSE;
+ if (sd->pos >= len) need_iterate = EINA_FALSE;
}
char *prev = NULL;
@@ -230,7 +238,12 @@ replace_proc(search_data *sd)
const char *selection = enventor_item_selection_get(sd->it);
if (!find || !selection) return EINA_FALSE;
char *utf8 = elm_entry_markup_to_utf8(selection);
- if (strcmp(find, utf8)) return EINA_FALSE;
+ if (!utf8) return EINA_FALSE;
+ if (strcmp(find, utf8))
+ {
+ free(utf8);
+ return EINA_FALSE;
+ }
const char *replace = elm_entry_entry_get(sd->en_replace);
enventor_item_text_insert(sd->it, replace);
enventor_item_select_none(sd->it);
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
