From 007477dd79b3ada9abba7b332306c92025197d32 Mon Sep 17 00:00:00 2001 From: Florian Forster Date: Sat, 19 Jun 2010 11:02:40 +0200 Subject: [PATCH] src/utils_cgi.[ch]: Implement more variants of "html_escape". --- src/utils_cgi.c | 64 +++++++++++++++++++++++++++++++------------------ src/utils_cgi.h | 2 ++ 2 files changed, 43 insertions(+), 23 deletions(-) diff --git a/src/utils_cgi.c b/src/utils_cgi.c index ac9daca..9efa01f 100644 --- a/src/utils_cgi.c +++ b/src/utils_cgi.c @@ -290,48 +290,66 @@ int time_to_rfc1123 (time_t t, char *buffer, size_t buffer_size) /* {{{ */ #define COPY_ENTITY(e) do { \ size_t len = strlen (e); \ - if (buffer_size < (len + 1)) \ + if (dest_size < (len + 1)) \ break; \ - strcpy (buffer_ptr, (e)); \ - buffer_ptr += len; \ - buffer_size -= len; \ + strcpy (dest_ptr, (e)); \ + dest_ptr += len; \ + dest_size -= len; \ } while (0) -char *html_escape (const char *string) /* {{{ */ +char *html_escape_copy (char *dest, const char *src, size_t n) /* {{{ */ { - char buffer[4096]; - char *buffer_ptr; - size_t buffer_size; + char *dest_ptr; + size_t dest_size; size_t pos; - buffer[0] = 0; - buffer_ptr = &buffer[0]; - buffer_size = sizeof (buffer); - for (pos = 0; string[pos] != 0; pos++) + dest[0] = 0; + dest_ptr = dest; + dest_size = n; + for (pos = 0; src[pos] != 0; pos++) { - if (string[pos] == '"') + if (src[pos] == '"') COPY_ENTITY ("""); - else if (string[pos] == '<') + else if (src[pos] == '<') COPY_ENTITY ("<"); - else if (string[pos] == '>') + else if (src[pos] == '>') COPY_ENTITY (">"); - else if (string[pos] == '&') + else if (src[pos] == '&') COPY_ENTITY ("&"); else { - *buffer_ptr = string[pos]; - buffer_ptr++; - buffer_size--; - *buffer_ptr = 0; + *dest_ptr = src[pos]; + dest_ptr++; + dest_size--; + *dest_ptr = 0; } - if (buffer_size <= 1) + if (dest_size <= 1) break; } - return (strdup (buffer)); -} /* }}} char *html_escape */ + return (src); +} /* }}} char *html_escape_copy */ #undef COPY_ENTITY +char *html_escape_buffer (char *buffer, size_t buffer_size) /* {{{ */ +{ + char tmp[buffer_size]; + + html_escape_copy (tmp, buffer, sizeof (tmp)); + memcpy (buffer, tmp, buffer_size); + + return (buffer); +} /* }}} char *html_escape_buffer */ + +char *html_escape (const char *string) /* {{{ */ +{ + char buffer[4096]; + + html_escape_copy (buffer, string, sizeof (buffer)); + + return (strdup (buffer)); +} /* }}} char *html_escape */ + /* vim: set sw=2 sts=2 et fdm=marker : */ diff --git a/src/utils_cgi.h b/src/utils_cgi.h index a5db9c3..b9b8c09 100644 --- a/src/utils_cgi.h +++ b/src/utils_cgi.h @@ -15,5 +15,7 @@ const char *script_name (void); int time_to_rfc1123 (time_t t, char *buffer, size_t buffer_size); char *html_escape (const char *string); +char *html_escape_buffer (char *buffer, size_t buffer_size); +char *html_escape_copy (char *dest, const char *src, size_t n); #endif /* UTILS_CGI_H */ -- 2.30.2