validate url's before adding to playlist

TODO

 1) play streams
 	a) put some sort of error reporting for streaming/inputStream!
 
-2) http stuff
-	a) ensure URL's are all ASCII, and properly %'d! check rfc's
-		for legal characters
+2) ACK error codes
 
-3) ACK error codes
+3) cleanup main()
 
-4) cleanup main()
+4) handle '\n' in filenames
 
-5) handle '\n' in filenames
+5) compute average replaygain to use for non-replaygain songs
 
-6) compute average replaygain to use for non-replaygain songs
-
-7) change default port to 6600
+6) change default port to 6600
 
 
 Post-1.0

src/decode.c

@@ -256,13 +256,19 @@ void decodeStart(PlayerControl * pc, OutputBuffer * cb, DecoderControl * dc) {
         int ret;
         InputStream inStream;
         InputPlugin * plugin;
-        char path[MAXPATHLEN+1];
+        char * path;
 
         if(isRemoteUrl(pc->utf8url)) {
-                strncpy(path, pc->utf8url, MAXPATHLEN);
+                path = utf8StrToLatin1Dup(pc->utf8url);
         }
-	else strncpy(path, rmp2amp(utf8ToFsCharset(pc->utf8url)), MAXPATHLEN);
-	path[MAXPATHLEN] = '\0';
+	else path = strdup(rmp2amp(utf8ToFsCharset(pc->utf8url)));
+
+	if(!path) {
+		dc->error = DECODE_ERROR_FILE;
+		dc->state = DECODE_STATE_STOP;
+		dc->start = 0;
+                return;
+	}
 
         dc->metadataSet = 0;
         memset(dc->metadata, 0, DECODE_METADATA_LENGTH);
@@ -275,9 +281,9 @@ void decodeStart(PlayerControl * pc, OutputBuffer * cb, DecoderControl * dc) {
 
         if(openInputStream(&inStream, path) < 0) {
 		dc->error = DECODE_ERROR_FILE;
-		dc->start = 0;
-		dc->stop = 0;
 		dc->state = DECODE_STATE_STOP;
+		dc->start = 0;
+		free(path);
                 return;
         }
 
@@ -291,6 +297,7 @@ void decodeStart(PlayerControl * pc, OutputBuffer * cb, DecoderControl * dc) {
         if(dc->stop) {
                 dc->state = DECODE_STATE_STOP;
                 dc->stop = 0;
+		free(path);
                 return;
         }
 
@@ -345,6 +352,8 @@ void decodeStart(PlayerControl * pc, OutputBuffer * cb, DecoderControl * dc) {
 		dc->stop = 0;
 		dc->state = DECODE_STATE_STOP;
 	}
+
+	free(path);
 }
 
 int decoderInit(PlayerControl * pc, OutputBuffer * cb, DecoderControl * dc) {

src/inputStream.h

@@ -48,6 +48,8 @@ struct _InputStream {
         char * metaTitle;
 };
 
+int isUrlSaneForInputStream(char * url);
+
 /* if an error occurs for these 3 functions, then -1 is returned and errno
    for the input stream is set */
 int openInputStream(InputStream * inStream, char * url);

src/ls.c

@@ -22,6 +22,7 @@
 #include "path.h"
 #include "myfprintf.h"
 #include "log.h"
+#include "utf8.h"
 
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -41,17 +42,68 @@ char * dupAndStripPlaylistSuffix(char * file) {
 	return ret;
 }
 
-int isRemoteUrl(char * url) {
-	char * prefixes[] = 	{
-					"http://",
-					NULL
-				};
+static char * remoteUrlPrefixes[] = 	
+{
+        "http://",
+	NULL
+};
+
+int isValidRemoteUtf8Url(char * utf8url) {
+        int ret = 0;
+        char * lat1 = utf8StrToLatin1Dup(utf8url);
+        char * temp;
+
+        if(!lat1) return 0;
+
+        switch(isRemoteUrl(lat1)) {
+        case 1:
+                ret = 1;
+                temp = lat1;
+                while(*temp) {
+                        if((*temp >= 'a' && *temp <= 'z') || 
+                                        (*temp >= 'A' && *temp <= 'z') ||
+                                        (*temp >= '0' && *temp <= '9') ||
+                                        *temp == '$' ||
+                                        *temp == '-' ||
+                                        *temp == '.' ||
+                                        *temp == '+' ||
+                                        *temp == '!' ||
+                                        *temp == '*' ||
+                                        *temp == '\'' ||
+                                        *temp == '(' ||
+                                        *temp == ')' ||
+                                        *temp == ',' ||
+                                        *temp == '%' ||
+                                        *temp == '/' ||
+                                        *temp == ':' ||
+                                        *temp == '?' ||
+                                        *temp == ';' ||
+                                        *temp == '&' ||
+                                        *temp == '=') 
+                        {
+                        }
+                        else {
+                                ret = 1;
+                                break;
+                        }
+                        temp++;
+                }
+                break;
+        }
+
+        free(lat1);
+        
+        return ret;
+}
 
-	char ** urlPrefixes = prefixes;
+int isRemoteUrl(char * url) {
+        int count = 0;
+	char ** urlPrefixes = remoteUrlPrefixes;
 
 	while(*urlPrefixes) {
+                count++;
 		if(strncmp(*urlPrefixes,url,strlen(*urlPrefixes)) == 0) {
-                        return 1;
+                        return count;
 		}
 		urlPrefixes++;
 	}

src/ls.h

@@ -30,6 +30,8 @@ int lsPlaylists(FILE * fp, char * utf8path);
 
 char * getSuffix(char * utf8file);
 
+int isValidRemoteUtf8Url(char * utf8url);
+
 int isRemoteUrl(char * url);
 
 int isFile(char * utf8file, time_t * mtime);

src/playlist.c

@@ -471,10 +471,13 @@ int addToPlaylist(FILE * fp, char * url) {
 	
 	if((song = getSongFromDB(url))) {
 	}
-	else if(isRemoteUrl(url) && (song = newSong(url,SONG_TYPE_URL))) {
+	else if(isValidRemoteUtf8Url(url) && 
+                        (song = newSong(url,SONG_TYPE_URL))) 
+        {
 	}
 	else {
-		myfprintf(fp,"%s \"%s\" is not in the music db\n",
+		myfprintf(fp,"%s \"%s\" is not in the music db or is"
+                                "not a valid url\n",
 				COMMAND_RESPOND_ERROR,url);
 		return -1;
 	}