in search and filters: escape user entered subview name
Bug #567172 reported by
André Ventura
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
synaptic (Ubuntu) |
Fix Released
|
Medium
|
Jean-Baptiste Lallement | ||
Lucid |
Fix Released
|
Medium
|
Unassigned |
Bug Description
A user can enter arbitrary HTML (but limited by TreeModel capacities) in subview names when adding a subview.
Affected subviews are 'standard search', 'custom filters'
Ubuntu Lucid
synaptic 0.63.1ubuntu6
When using a '<' character in a search keyword there's a new "All" at the left column.
TEST CASE:
1. open synaptic in lucid
2. press ctrl-f (or click on the search button in the toolbar)
3. type "<xx" (without the " but with the <
4. verify that on the left in "Search Results" pane no "<" is displayed
5. install synaptic from lucid-proposed
6. repeat step 2,3
7. verify that this time there is a entry with "<xx"
Related branches
lp://staging/~jibel/synaptic/bug.567172
- synaptic-developers: Pending requested
-
Diff: 110 lines (+63/-2)3 files modifiedgtk/rgmainwindow.cc (+5/-2)
gtk/rgutils.cc (+56/-0)
gtk/rgutils.h (+2/-0)
summary: |
- Wrong behavior when using '<' character in search keywords + in search and filters: escape user entered subview name |
Changed in synaptic (Ubuntu): | |
assignee: | nobody → Jean-Baptiste Lallement (jibel) |
status: | Triaged → In Progress |
importance: | Low → Medium |
description: | updated |
description: | updated |
Changed in synaptic (Ubuntu Lucid): | |
importance: | Undecided → Medium |
milestone: | none → lucid-updates |
status: | New → Confirmed |
To post a comment you must log in.
Thanks for your report.
Could you please describe the detailed steps to reproduce this issue ? Thanks.