daemon: escape app strings (name, command) whens storing them in xml. Closes #27
This commit is contained in:
parent
5324f63eff
commit
986fef7edf
|
@ -788,7 +788,9 @@ static void callback_elend(void * data, const char * el)
|
|||
}
|
||||
else if (context_ptr->element[context_ptr->depth] == PARSE_CONTEXT_APPLICATION)
|
||||
{
|
||||
context_ptr->data[context_ptr->data_used] = 0;
|
||||
context_ptr->data[unescape(context_ptr->data, context_ptr->data_used, context_ptr->data)] = 0;
|
||||
unescape(context_ptr->str, strlen(context_ptr->str) + 1, context_ptr->str);
|
||||
|
||||
log_info("application '%s' (%s, %s, level %u) with commandline '%s'", context_ptr->str, context_ptr->terminal ? "terminal" : "shell", context_ptr->autorun ? "autorun" : "stopped", (unsigned int)context_ptr->level, context_ptr->data);
|
||||
|
||||
if (!ladish_app_supervisor_add(g_studio.app_supervisor, context_ptr->str, context_ptr->autorun, context_ptr->data, context_ptr->terminal, context_ptr->level))
|
||||
|
|
|
@ -562,67 +562,94 @@ bool save_studio_connection(void * context, ladish_port_handle port1_handle, lad
|
|||
bool save_studio_app(void * context, const char * name, bool running, const char * command, bool terminal, uint8_t level)
|
||||
{
|
||||
char buf[100];
|
||||
const char * unescaped_string;
|
||||
char * escaped_string;
|
||||
char * escaped_buffer;
|
||||
bool ret;
|
||||
|
||||
log_info("saving app: name='%s', %srunning, %s, level %u, commandline='%s'", name, running ? "" : "not ", terminal ? "terminal" : "shell", (unsigned int)level, command);
|
||||
|
||||
if (!write_string(fd, " <application name=\""))
|
||||
ret = false;
|
||||
|
||||
escaped_buffer = malloc(ladish_max(strlen(name), strlen(command)) * 3 + 1); /* encode each char in three bytes (percent encoding) */
|
||||
if (escaped_buffer == NULL)
|
||||
{
|
||||
return false;
|
||||
log_error("malloc() failed.");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if (!write_string(fd, name))
|
||||
if (!write_string(fd, " <application name=\""))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
unescaped_string = name;
|
||||
escaped_string = escaped_buffer;
|
||||
escape(&unescaped_string, &escaped_string);
|
||||
*escaped_string = 0;
|
||||
if (!write_string(fd, escaped_buffer))
|
||||
{
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, "\" terminal=\""))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, terminal ? "true" : "false"))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, "\" level=\""))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
sprintf(buf, "%u", (unsigned int)level);
|
||||
|
||||
if (!write_string(fd, buf))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, "\" autorun=\""))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, running ? "true" : "false"))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, "\">"))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, command))
|
||||
unescaped_string = command;
|
||||
escaped_string = escaped_buffer;
|
||||
escape(&unescaped_string, &escaped_string);
|
||||
*escaped_string = 0;
|
||||
if (!write_string(fd, escaped_buffer))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
if (!write_string(fd, "</application>\n"))
|
||||
{
|
||||
return false;
|
||||
goto free_buffer;
|
||||
}
|
||||
|
||||
return true;
|
||||
ret = true;
|
||||
|
||||
free_buffer:
|
||||
free(escaped_buffer);
|
||||
|
||||
exit:
|
||||
return ret;
|
||||
}
|
||||
|
||||
#undef indent
|
||||
|
|
|
@ -46,6 +46,8 @@ void escape(const char ** src_ptr, char ** dst_ptr)
|
|||
case '<': /* invalid attribute value char (XML spec) */
|
||||
case '&': /* invalid attribute value char (XML spec) */
|
||||
case '"': /* we store attribute values in double quotes - invalid attribute value char (XML spec) */
|
||||
case '\'':
|
||||
case '>':
|
||||
case '%':
|
||||
dst[0] = '%';
|
||||
dst[1] = hex_digits[*src >> 4];
|
||||
|
|
Loading…
Reference in New Issue