[PATCH] PR19433 - Escape filepaths in abixml

public inbox for libabigail@sourceware.org
 help / color / mirror / Atom feed

* [PATCH] PR19433 - Escape filepaths in abixml
@ 2016-01-01  0:00 Ondrej Oprala
  2016-01-01  0:00 ` Dodji Seketeli
  0 siblings, 1 reply; 2+ messages in thread
From: Ondrej Oprala @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Abigail Project Mailing List

[-- Attachment #1: Type: text/plain, Size: 89 bytes --]

Filepaths can contain '<' and '>', which makes XML parsers unhappy :(

Cheers,
   Ondrej

[-- Attachment #2: 0001-Escape-the-value-of-the-filepath-attribute.patch --]
[-- Type: text/x-patch, Size: 1179 bytes --]

From 6c23fa261bff7cf4eb49237e4d795e3feb8b4e0b Mon Sep 17 00:00:00 2001
From: Ondrej Oprala <ooprala@redhat.com>
Date: Mon, 18 Jan 2016 08:51:21 +0100
Subject: [PATCH] Escape the value of the filepath attribute.

	* src/abg-writer.cc (write_location): Sanitize the filepath with
	xml::escape_xml_string().

Signed-off-by: Ondrej Oprala <ooprala@redhat.com>
---
 src/abg-writer.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/abg-writer.cc b/src/abg-writer.cc
index 62b5748..cfcb61a 100644
--- a/src/abg-writer.cc
+++ b/src/abg-writer.cc
@@ -592,7 +592,7 @@ write_location(const location& loc, ostream& o)
 
   loc.expand(filepath, line, column);
 
-  o << " filepath='" << filepath << "'"
+  o << " filepath='" << xml::escape_xml_string(filepath) << "'"
     << " line='"     << line     << "'"
     << " column='"   << column   << "'";
 }
@@ -620,7 +620,7 @@ write_location(const decl_base_sptr&	decl,
 
   loc.expand(filepath, line, column);
 
-  o << " filepath='" << filepath << "'"
+  o << " filepath='" << xml::escape_xml_string(filepath) << "'"
     << " line='"     << line     << "'"
     << " column='"   << column   << "'";
 }
-- 
2.5.0


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] PR19433 - Escape filepaths in abixml
  2016-01-01  0:00 [PATCH] PR19433 - Escape filepaths in abixml Ondrej Oprala
@ 2016-01-01  0:00 ` Dodji Seketeli
  0 siblings, 0 replies; 2+ messages in thread
From: Dodji Seketeli @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Ondrej Oprala; +Cc: Abigail Project Mailing List

Hello,

Ondrej Oprala <ooprala@redhat.com> a écrit:

> Filepaths can contain '<' and '>', which makes XML parsers unhappy :(

Right.

>
> 	* src/abg-writer.cc (write_location): Sanitize the filepath with
> 	xml::escape_xml_string().

I first thought that the reader side should be updated too, to un-escape
the stuff that got escaped, but then I realized that the read_location()
function from abg-reader.cc uses the xmlGetProp() function from libxml2
which actually does "entity substitution" a.k.a un-escaping.  So the
patch is good.

I am wondering, would it be possible to add a small test case that
exhibits the issue?  There are cases where it's too complicated to
devise a small test case, but I am thinking that in this case, it should
be possible fairly easily.  Or am I missing something?

If we agree, you could add it to the test-types-stability.cc test
harness.

OK to commit with that change.

Cheers,

-- 
		Dodji

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2016-01-18  9:33 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-01-01  0:00 [PATCH] PR19433 - Escape filepaths in abixml Ondrej Oprala
2016-01-01  0:00 ` Dodji Seketeli

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).