X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=udev_utils_string.c;h=37db8dbc8524683a937009aa0fd41c620642f69d;hp=a30181e760d5592625fd83831a5a4a0f2bb27f3b;hb=6acd81c8981a5f0ea80e3cdef2a10e5d595bbae3;hpb=5b13ecb830cdec338b514b9ed8c2c559c2f05223

diff --git a/udev_utils_string.c b/udev_utils_string.c
index a30181e76..37db8dbc8 100644
--- a/udev_utils_string.c
+++ b/udev_utils_string.c
@@ -100,7 +100,7 @@ int string_is_true(const char *str)
 	return 0;
 }
 
-void remove_trailing_char(char *path, char c)
+void remove_trailing_chars(char *path, char c)
 {
 	size_t len;
 
@@ -232,12 +232,35 @@ int utf8_encoded_valid_unichar(const char *str)
 	return len;
 }
 
-void replace_untrusted_chars(char *string)
+/* replace everything but whitelisted plain ascii and valid utf8 */
+int replace_untrusted_chars(char *str)
 {
-	size_t len;
+	size_t i = 0;
+	int replaced = 0;
+
+	while (str[i] != '\0') {
+		int len;
+
+		/* valid printable ascii char */
+		if ((str[i] >= '0' && str[i] <= '9') ||
+		    (str[i] >= 'A' && str[i] <= 'Z') ||
+		    (str[i] >= 'a' && str[i] <= 'z') ||
+		    strchr(" #$%+-./:=?@_", str[i])) {
+			i++;
+			continue;
+		}
+		/* valid utf8 is accepted */
+		len = utf8_encoded_valid_unichar(&str[i]);
+		if (len > 1) {
+			i += len;
+			continue;
+		}
 
-	for (len = 0; string[len] != '\0'; len++) {
-		if (strchr(";,~\\()\'", string[len]))
-			string[len] = '_';
+		/* everything else is garbage */
+		str[i] = '_';
+		i++;
+		replaced++;
 	}
+
+	return replaced;
 }