From 52f57ffc613fc4510c94a8d5d1286eaed4ffba91 Mon Sep 17 00:00:00 2001
From: Aleks Kissinger <aleks0@gmail.com>
Date: Tue, 23 Oct 2018 08:06:19 +0200
Subject: added input validation on version response

---
 src/tikzit.cpp | 44 +++++++++++++++++++++++++++-----------------
 1 file changed, 27 insertions(+), 17 deletions(-)

diff --git a/src/tikzit.cpp b/src/tikzit.cpp
index 58cb08e..02b8578 100644
--- a/src/tikzit.cpp
+++ b/src/tikzit.cpp
@@ -372,30 +372,40 @@ void Tikzit::updateReply(QNetworkReply *reply)
 
     QByteArray data = reply->read(200);
     QString strLatest = QString::fromUtf8(data).simplified();
-    //qDebug() << "got response:" << strLatest;
 
     QVersionNumber current = QVersionNumber::fromString(TIKZIT_VERSION).normalized();
     QVersionNumber latest = QVersionNumber::fromString(strLatest).normalized();
 
-    // check for an optional RC suffix. Any non-RC versions are considered later than RC versions.
-    QRegularExpression re("-[rR][cC]([0-9]+)$");
+    // check for valid version string and capture optional RC suffix
+    QRegularExpression re("^[1-9]+(\\.[0-9]+)*(-[rR][cC]([0-9]+))?$");
     QRegularExpressionMatch m;
     m = re.match(TIKZIT_VERSION);
-    int rcCurrent = (m.hasMatch()) ? m.captured(1).toInt() : 1000;
+
+    // any non-RC versions are considered later than RC versions.
+    int rcCurrent = (!m.captured(3).isEmpty()) ? m.captured(3).toInt() : 1000;
+
     m = re.match(strLatest);
-    int rcLatest = (m.hasMatch()) ? m.captured(1).toInt() : 1000;
-
-    //qDebug() << "latest" << latest << "rc" << rcLatest;
-    //qDebug() << "current" << current << "rc" << rcCurrent;
-
-    if (latest > current || (latest == current && rcLatest > rcCurrent)) {
-        QMessageBox::information(0,
-          tr("Update available"),
-          "<p><b>A new version of TikZiT is available!</b></p>"
-          "<p><i>current version: " TIKZIT_VERSION "<br />"
-          "latest version: " + strLatest + "</i></p>"
-          "<p>Download it now from: "
-          "<a href=\"https://tikzit.github.io\">tikzit.github.io</a>.</p>");
+
+    if (m.hasMatch()) {
+        int rcLatest = (!m.captured(3).isEmpty()) ? m.captured(3).toInt() : 1000;
+
+        //qDebug() << "latest" << latest << "rc" << rcLatest;
+        //qDebug() << "current" << current << "rc" << rcCurrent;
+
+        if (latest > current || (latest == current && rcLatest > rcCurrent)) {
+            QMessageBox::information(0,
+              tr("Update available"),
+              "<p><b>A new version of TikZiT is available!</b></p>"
+              "<p><i>current version: " TIKZIT_VERSION "<br />"
+              "latest version: " + strLatest + "</i></p>"
+              "<p>Download it now from: "
+              "<a href=\"https://tikzit.github.io\">tikzit.github.io</a>.</p>");
+        }
+    } else {
+        QMessageBox::warning(0,
+              tr("Invalid response"),
+              "<p>Got invalid version response from "
+              "<a href=\"https://tikzit.github.io\">tikzit.github.io</a>.</p>");
     }
 }
 
-- 
cgit v1.2.3