Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/lib/str-sanitize.c @ 6891:e744479186b6 HEAD
str_sanitize*() didn't properly limit string length.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Sun, 02 Dec 2007 14:05:45 +0200 |
| parents | 65c69a53a7be |
| children | f359a0a9407f |
| rev | line source |
|---|---|
|
6429
65c69a53a7be
Replaced my Copyright notices. The year range always ends with 2007 now.
Timo Sirainen <tss@iki.fi>
parents:
6383
diff
changeset
|
1 /* Copyright (c) 2004-2007 Dovecot authors, see the included COPYING file */ |
|
2689
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "lib.h" |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "str.h" |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #include "str-sanitize.h" |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 void str_sanitize_append(string_t *dest, const char *src, size_t max_len) |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 { |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 const char *p; |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 |
|
6891
e744479186b6
str_sanitize*() didn't properly limit string length.
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
11 for (p = src; *p != '\0' && max_len > 0; p++, max_len--) { |
|
6383
6d5c3ce9426c
Convert also 0x80..0x9f characters to '?'
Timo Sirainen <tss@iki.fi>
parents:
2689
diff
changeset
|
12 if (((unsigned char)*p & 0x7f) < 32) |
|
2689
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 break; |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 } |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 str_append_n(dest, src, (size_t)(p - src)); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
17 for (; *p != '\0' && max_len > 0; p++, max_len--) { |
|
6383
6d5c3ce9426c
Convert also 0x80..0x9f characters to '?'
Timo Sirainen <tss@iki.fi>
parents:
2689
diff
changeset
|
18 if (((unsigned char)*p & 0x7f) < 32) |
|
2689
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 str_append_c(dest, '?'); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 else |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 str_append_c(dest, *p); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 } |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 if (*p != '\0') { |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 str_truncate(dest, str_len(dest)-3); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
26 str_append(dest, "..."); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
27 } |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 } |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 const char *str_sanitize(const char *src, size_t max_len) |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 { |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 string_t *str; |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
33 |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 str = t_str_new(I_MIN(max_len, 256)); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
35 str_sanitize_append(str, src, max_len); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
36 return str_c(str); |
|
631611c2d6e6
Added string sanitization functions.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 } |