chiark / gitweb /
replace_untrusted_chars: replace all whitespace with space
authorScott James Remnant <scott@ubuntu.com>
Wed, 16 May 2007 18:00:29 +0000 (20:00 +0200)
committerKay Sievers <kay.sievers@vrfy.org>
Wed, 16 May 2007 18:00:29 +0000 (20:00 +0200)
udev_utils_string.c

index 38b91aa..6f51aef 100644 (file)
@@ -229,15 +229,17 @@ int replace_untrusted_chars(char *str)
                if ((str[i] >= '0' && str[i] <= '9') ||
                    (str[i] >= 'A' && str[i] <= 'Z') ||
                    (str[i] >= 'a' && str[i] <= 'z') ||
                if ((str[i] >= '0' && str[i] <= '9') ||
                    (str[i] >= 'A' && str[i] <= 'Z') ||
                    (str[i] >= 'a' && str[i] <= 'z') ||
-                   strchr(" #$%+-./:=?@_,", str[i])) {
+                   strchr("#$%+-./:=?@_,", str[i])) {
                        i++;
                        continue;
                }
                        i++;
                        continue;
                }
+
                /* hex encoding */
                if (str[i] == '\\' && str[i+1] == 'x') {
                        i += 2;
                        continue;
                }
                /* hex encoding */
                if (str[i] == '\\' && str[i+1] == 'x') {
                        i += 2;
                        continue;
                }
+
                /* valid utf8 is accepted */
                len = utf8_encoded_valid_unichar(&str[i]);
                if (len > 1) {
                /* valid utf8 is accepted */
                len = utf8_encoded_valid_unichar(&str[i]);
                if (len > 1) {
@@ -245,6 +247,14 @@ int replace_untrusted_chars(char *str)
                        continue;
                }
 
                        continue;
                }
 
+               /* whitespace replaced with ordinary space */
+               if (isspace(str[i])) {
+                       str[i] = ' ';
+                       i++;
+                       replaced++;
+                       continue;
+               }
+
                /* everything else is garbage */
                str[i] = '_';
                i++;
                /* everything else is garbage */
                str[i] = '_';
                i++;