Date: Sat, 13 Mar 2010 10:35:52 +0200 From: Jaakko Heinonen <jh@FreeBSD.org> To: freebsd-geom@FreeBSD.org Cc: pjd@FreeBSD.org, phk@FreeBSD.org Subject: Escape unsafe characters for kern.geom.confxml XML dump Message-ID: <20100313083551.GB966@a91-153-117-195.elisa-laajakaista.fi>
next in thread | raw e-mail | index | archive | help
Hi,
I intend to commit following patch unless there are objections. I have
seen the problem commonly reported by FreeBSD users.
---
Escape characters unsafe for XML output in GEOM class, instance and provider
names.
- Characters in range 0x01-0x1f except '\t', '\n', and '\r' are replaced
with '?'. Those characters are disallowed in XML.
- '&', '<', '>', '\'', '"' and characters in range 0x7f-0xff are replaced
with XML numeric character reference.
If the kern.geom.confxml sysctl provides invalid XML, libgeom
geom_xml2tree() fails and utilities using it do not work. Unsafe
characters are common in msdosfs and cd9660 labels.
PR: kern/104389
Submitter by: Doug Steinwand (original version)
%%%
Index: sys/geom/geom_dump.c
===================================================================
--- sys/geom/geom_dump.c (revision 205081)
+++ sys/geom/geom_dump.c (working copy)
@@ -154,6 +154,28 @@ g_conftxt(void *p, int flag)
static void
+g_conf_print_escaped(struct sbuf *sb, const char *fmt, const char *str)
+{
+ struct sbuf *s;
+ const u_char *c;
+
+ s = sbuf_new_auto();
+
+ for (c = str; *c != '\0'; c++) {
+ if (*c == '&' || *c == '<' || *c == '>' ||
+ *c == '\'' || *c == '"' || *c > 0x7e)
+ sbuf_printf(s, "&#x%X;", *c);
+ else if (*c == '\t' || *c == '\n' || *c == '\r' || *c > 0x1f)
+ sbuf_putc(s, *c);
+ else
+ sbuf_putc(s, '?');
+ }
+ sbuf_finish(s);
+ sbuf_printf(sb, fmt, sbuf_data(s));
+ sbuf_delete(s);
+}
+
+static void
g_conf_consumer(struct sbuf *sb, struct g_consumer *cp)
{
@@ -181,7 +203,7 @@ g_conf_provider(struct sbuf *sb, struct
sbuf_printf(sb, "\t <geom ref=\"%p\"/>\n", pp->geom);
sbuf_printf(sb, "\t <mode>r%dw%de%d</mode>\n",
pp->acr, pp->acw, pp->ace);
- sbuf_printf(sb, "\t <name>%s</name>\n", pp->name);
+ g_conf_print_escaped(sb, "\t <name>%s</name>\n", pp->name);
sbuf_printf(sb, "\t <mediasize>%jd</mediasize>\n",
(intmax_t)pp->mediasize);
sbuf_printf(sb, "\t <sectorsize>%u</sectorsize>\n", pp->sectorsize);
@@ -208,7 +230,7 @@ g_conf_geom(struct sbuf *sb, struct g_ge
sbuf_printf(sb, " <geom id=\"%p\">\n", gp);
sbuf_printf(sb, " <class ref=\"%p\"/>\n", gp->class);
- sbuf_printf(sb, " <name>%s</name>\n", gp->name);
+ g_conf_print_escaped(sb, " <name>%s</name>\n", gp->name);
sbuf_printf(sb, " <rank>%d</rank>\n", gp->rank);
if (gp->flags & G_GEOM_WITHER)
sbuf_printf(sb, " <wither/>\n");
@@ -237,7 +259,7 @@ g_conf_class(struct sbuf *sb, struct g_c
struct g_geom *gp2;
sbuf_printf(sb, " <class id=\"%p\">\n", mp);
- sbuf_printf(sb, " <name>%s</name>\n", mp->name);
+ g_conf_print_escaped(sb, " <name>%s</name>\n", mp->name);
LIST_FOREACH(gp2, &mp->geom, geom) {
if (gp != NULL && gp != gp2)
continue;
%%%
--
Jaakko
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100313083551.GB966>