Compare string lengths when parsing the snapshot mask

We used to rely on the result from strncmp() without comparing the length of
the strings involved. Even worse, any single-character format specifier would
enable zip-format due to the optional '.'-prefix since the length of the
mask then would become zero.

Noticed-by: Evan Martin <sys@neugierig.org>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>

1 files changed, 4 insertions, 3 deletions

diff --git a/ui-snapshot.c b/ui-snapshot.c
index 4d1aa88..dfedd8f 100644
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -121,36 +121,37 @@ void cgit_print_snapshot_links(const char *repo, const char *head,
 		filename = fmt("%s-%s%s", cgit_repobasename(repo), hex,
 			       sat->suffix);
 		cgit_snapshot_link(filename, NULL, NULL, (char *)head,
 				   (char *)hex, filename);
 		html("<br/>");
 	}
 }
 
 int cgit_parse_snapshots_mask(const char *str)
 {
 	const struct snapshot_archive_t* sat;
 	static const char *delim = " \t,:/|;";
-	int f, tl, rv = 0;
+	int f, tl, sl, rv = 0;
 
 	/* favor legacy setting */
 	if(atoi(str))
 		return 1;
 	for(;;) {
 		str += strspn(str,delim);
 		tl = strcspn(str,delim);
 		if(!tl)
 			break;
 		for(f=0; f<snapshot_archives_len; f++) {
 			sat = &snapshot_archives[f];
-			if(!(strncmp(sat->suffix, str, tl) &&
-			     strncmp(sat->suffix+1, str, tl-1))) {
+			sl = strlen(sat->suffix);
+			if((tl == sl && !strncmp(sat->suffix, str, tl)) ||
+			   (tl == sl-1 && !strncmp(sat->suffix+1, str, tl-1))) {
 				rv |= sat->bit;
 				break;
 			}
 		}
 		str += tl;
 	}
 	return rv;
 }
 
 /* vim:set sw=8: */