From 3548e6dfe7b5fe3f409151ff42c17a3fb4876dbf Mon Sep 17 00:00:00 2001
From: Andy Williams <andy@andywilliams.me>
Date: Sun, 31 Dec 2017 15:57:01 +0000
Subject: [PATCH] Fix unsafe usages of basename

---
 src/bin/edi_config.c                  |  2 +-
 src/bin/edi_filepanel.c               | 17 ++++++-----------
 src/bin/edi_scm_main.c                |  2 +-
 src/bin/edi_scm_ui.c                  |  2 +-
 src/bin/mainview/edi_mainview.c       | 10 ++--------
 src/bin/mainview/edi_mainview_panel.c |  2 +-
 src/lib/edi.c                         |  2 +-
 7 files changed, 13 insertions(+), 24 deletions(-)

diff --git a/src/bin/edi_config.c b/src/bin/edi_config.c
index dc8884e..8a0f5ae 100644
--- a/src/bin/edi_config.c
+++ b/src/bin/edi_config.c
@@ -392,7 +392,7 @@ _edi_config_project_add(const char *path)
 
    project = malloc(sizeof(*project));
    project->path = eina_stringshare_add(path);
-   project->name = eina_stringshare_add(basename((char*) path));
+   project->name = eina_stringshare_add(ecore_file_file_get(path));
    _edi_config->projects = eina_list_prepend(_edi_config->projects, project);
    _edi_config_save();
 }
diff --git a/src/bin/edi_filepanel.c b/src/bin/edi_filepanel.c
index 047e5b6..6848986 100644
--- a/src/bin/edi_filepanel.c
+++ b/src/bin/edi_filepanel.c
@@ -456,7 +456,7 @@ _item_menu_create(Evas_Object *win, Edi_Dir_Data *sd)
    menu = elm_menu_add(win);
    evas_object_smart_callback_add(menu, "dismissed", _item_menu_dismissed_cb, NULL);
 
-   menu_it = elm_menu_item_add(menu, NULL, "document-properties", basename((char *)sd->path), NULL, NULL);
+   menu_it = elm_menu_item_add(menu, NULL, "document-properties", ecore_file_file_get(sd->path), NULL, NULL);
    elm_object_item_disabled_set(menu_it, EINA_TRUE);
    elm_menu_item_separator_add(menu, NULL);
 
@@ -584,7 +584,7 @@ _item_menu_dir_create(Evas_Object *win, Edi_Dir_Data *sd)
    menu = elm_menu_add(win);
    evas_object_smart_callback_add(menu, "dismissed", _item_menu_dismissed_cb, NULL);
 
-   menu_it = elm_menu_item_add(menu, NULL, "folder", basename((char *)sd->path), NULL, NULL);
+   menu_it = elm_menu_item_add(menu, NULL, "folder", ecore_file_file_get(sd->path), NULL, NULL);
    elm_object_item_disabled_set(menu_it, EINA_TRUE);
    elm_menu_item_separator_add(menu, NULL);
 
@@ -646,7 +646,7 @@ _text_get(void *data, Evas_Object *obj EINA_UNUSED, const char *source EINA_UNUS
 {
    Edi_Dir_Data *sd = data;
 
-   return strdup(basename((char *)sd->path));
+   return strdup(ecore_file_file_get(sd->path));
 }
 
 static Evas_Object *
@@ -656,15 +656,14 @@ _content_get(void *data, Evas_Object *obj, const char *source)
    Edi_Dir_Data *sd = data;
    Evas_Object *box, *lbox, *mbox, *rbox, *label, *ic;
    Edi_Scm_Status_Code *code;
-   char *text, *escaped;
+   char *escaped;
    const char *icon_name, *icon_status;
    Eina_Bool staged = EINA_FALSE;
 
    if (strcmp(source, "elm.swallow.content"))
      return NULL;
 
-   text = NULL; icon_name = icon_status = NULL;
-
+   icon_name = icon_status = NULL;
    escaped = ecore_file_escape_name(sd->path);
    code = _file_status_item_find(escaped);
    if (code)
@@ -672,8 +671,6 @@ _content_get(void *data, Evas_Object *obj, const char *source)
 
    free(escaped);
 
-   text = strdup(basename((char *)sd->path));
-
    provider = _get_provider_from_hashset(sd->path);
    if (provider)
      icon_name = provider->icon;
@@ -696,7 +693,7 @@ _content_get(void *data, Evas_Object *obj, const char *source)
    elm_box_pack_end(lbox, ic);
 
    label = elm_label_add(lbox);
-   elm_object_text_set(label, text);
+   elm_object_text_set(label, ecore_file_file_get(sd->path));
    evas_object_show(label);
    elm_box_pack_end(lbox, label);
 
@@ -743,8 +740,6 @@ _content_get(void *data, Evas_Object *obj, const char *source)
           }
       }
 
-   free(text);
-
    elm_box_pack_end(box, lbox);
    elm_box_pack_end(box, mbox);
    elm_box_pack_end(box, rbox);
diff --git a/src/bin/edi_scm_main.c b/src/bin/edi_scm_main.c
index 2d05775..a1dd0e8 100644
--- a/src/bin/edi_scm_main.c
+++ b/src/bin/edi_scm_main.c
@@ -20,7 +20,7 @@ _win_title_set(Evas_Object *win, Edi_Scm_Engine *engine)
 
    title = eina_strbuf_new();
    eina_strbuf_append_printf(title, _("Edi Source Control :: %s (%s)"),
-                             basename((char *)engine->root_directory),
+                             ecore_file_file_get((char *)engine->root_directory),
                              engine->name ?: _("unknown"));
    elm_win_title_set(win, eina_strbuf_string_get(title));
    eina_strbuf_free(title);
diff --git a/src/bin/edi_scm_ui.c b/src/bin/edi_scm_ui.c
index 77c00bb..5cf723d 100644
--- a/src/bin/edi_scm_ui.c
+++ b/src/bin/edi_scm_ui.c
@@ -537,7 +537,7 @@ _item_menu_create(Edi_Scm_Ui_Data *pd, Edi_Scm_Status *status)
    evas_object_data_set(menu, "edi_scm_ui", pd);
    evas_object_smart_callback_add(menu, "dismissed", _item_menu_dismissed_cb, NULL);
 
-   menu_it = elm_menu_item_add(menu, NULL, "document-properties", basename((char *)status->path), NULL, NULL);
+   menu_it = elm_menu_item_add(menu, NULL, "document-properties", ecore_file_file_get(status->path), NULL, NULL);
    elm_object_item_disabled_set(menu_it, EINA_TRUE);
    elm_menu_item_separator_add(menu, NULL);
 
diff --git a/src/bin/mainview/edi_mainview.c b/src/bin/mainview/edi_mainview.c
index 5726061..b39acb0 100644
--- a/src/bin/mainview/edi_mainview.c
+++ b/src/bin/mainview/edi_mainview.c
@@ -176,16 +176,10 @@ _edi_mainview_win_exit(void *data EINA_UNUSED, Evas_Object *obj, void *event_inf
    free(it);
 }
 
-static char *
+static const char *
 _edi_mainview_win_title_get(const char *path)
 {
-   char *winname, *filename;
-
-   filename = basename((char*)path);
-   winname = malloc((8 + strlen(filename)) * sizeof(char));
-   snprintf(winname, 8 + strlen(filename), "Edi :: %s", filename);
-
-   return winname;
+   return eina_slstr_printf(_("Edi :: %s"), ecore_file_file_get(path));
 }
 
 static Evas_Object *
diff --git a/src/bin/mainview/edi_mainview_panel.c b/src/bin/mainview/edi_mainview_panel.c
index bca69c7..a6f797e 100644
--- a/src/bin/mainview/edi_mainview_panel.c
+++ b/src/bin/mainview/edi_mainview_panel.c
@@ -496,7 +496,7 @@ _edi_mainview_panel_item_tab_add(Edi_Mainview_Panel *panel, Edi_Path_Options *op
    elm_object_focus_allow_set(tab, EINA_FALSE);
 
    elm_layout_theme_set(tab, "multibuttonentry", "btn", "default");
-   elm_object_part_text_set(tab, "elm.btn.text", basename((char*)options->path));
+   elm_object_part_text_set(tab, "elm.btn.text", ecore_file_file_get(options->path));
 /*
    icon = elm_icon_add(tab);
    elm_icon_standard_set(icon, provider->icon);
diff --git a/src/lib/edi.c b/src/lib/edi.c
index 47a0171..1fca50e 100644
--- a/src/lib/edi.c
+++ b/src/lib/edi.c
@@ -113,7 +113,7 @@ edi_project_get()
 EAPI const char *
 edi_project_name_get()
 {
-   return basename((char*)edi_project_get());
+   return ecore_file_file_get(edi_project_get());
 }
 
 EAPI char *