Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits c0c2d28
Escape strings before appending them to json
Baptiste Daroussin committed 13 years ago
commit c0c2d2814e7e2e57382a2c5ae7e48f97790f743c
parent f8ce927
1 file changed +42 -27
modified libpkg/pkg_event.c
@@ -37,12 +37,29 @@
static pkg_event_cb _cb = NULL;

static void *_data = NULL;
+ 
static char *
+ 
sbuf_json_escape(struct sbuf *buf, const char *str)
+ 
{
+ 
	sbuf_clear(buf);
+ 
	while (*str != '\0') {
+ 
		if (*str == '"')
+ 
			sbuf_putc(buf, '\\');
+ 
		else if (*str == '\\')
+ 
			sbuf_putc(buf, '\\');
+ 
		sbuf_putc(buf, *str);
+ 
		str++;
+ 
	}
+ 
	sbuf_finish(buf);
+
+ 
	return (sbuf_data(buf));
+ 
}
+ 


static void

pipeevent(struct pkg_event *ev)

{

	struct pkg *pkg = NULL;

	struct pkg_dep *dep = NULL;
- 
	struct sbuf *msg;
+ 
	struct sbuf *msg, *buf;

	const char *message;

	const char *name, *version, *newversion;
@@ -50,6 +67,7 @@ pipeevent(struct pkg_event *ev)
		return;



	msg = sbuf_new_auto();
+ 
	buf = sbuf_new_auto();



	switch(ev->type) {

	case PKG_EVENT_ERRNO:
@@ -57,19 +75,20 @@ pipeevent(struct pkg_event *ev)
		    "\"data\": {"

		    "\"msg\": \"%s(%s): %s\","

		    "\"errno\": %d}}",
- 
		    ev->e_errno.func, ev->e_errno.arg,
- 
		    strerror(ev->e_errno.no),
+ 
		    sbuf_json_escape(buf, ev->e_errno.func),
+ 
		    sbuf_json_escape(buf, ev->e_errno.arg),
+ 
		    sbuf_json_escape(buf, strerror(ev->e_errno.no)),

		    ev->e_errno.no);

		break;

	case PKG_EVENT_ERROR:

		sbuf_printf(msg, "{ \"type\": \"ERROR\", "

		    "\"data\": {\"msg\": \"%s\"}}",
- 
		    ev->e_pkg_error.msg);
+ 
		    sbuf_json_escape(buf, ev->e_pkg_error.msg));

		break;

	case PKG_EVENT_DEVELOPER_MODE:

		sbuf_printf(msg, "{ \"type\": \"ERROR\", "

		    "\"data\": {\"msg\": \"DEVELOPER_MODE: %s\"}}",
- 
		    ev->e_pkg_error.msg);
+ 
		    sbuf_json_escape(buf, ev->e_pkg_error.msg));

		break;

	case PKG_EVENT_FETCHING:

		sbuf_printf(msg, "{ \"type\": \"INFO_FETCH\", "
@@ -78,7 +97,7 @@ pipeevent(struct pkg_event *ev)
		    "\"fetched\": %" PRId64 ", "

		    "\"total\": %" PRId64

		    "}}",
- 
		    ev->e_fetching.url,
+ 
		    sbuf_json_escape(buf, ev->e_fetching.url),

		    ev->e_fetching.done,

		    ev->e_fetching.total

		    );
@@ -110,18 +129,15 @@ pipeevent(struct pkg_event *ev)
		    "}}",

		    name,

		    version,
- 
		    message
- 
		    );
+ 
		    sbuf_json_escape(buf, message));

		break;

	case PKG_EVENT_INTEGRITYCHECK_BEGIN:

		sbuf_printf(msg, "{ \"type\": \"INFO_INTEGRITYCHECK_BEGIN\", "
- 
		    "\"data\": {"
- 
		    "}}");
+ 
		    "\"data\": {}}");

		break;

	case PKG_EVENT_INTEGRITYCHECK_FINISHED:

		sbuf_printf(msg, "{ \"type\": \"INFO_INTEGRITYCHECK_FINISHED\", "
- 
		    "\"data\": {"
- 
		    "}}");
+ 
		    "\"data\": {}}");

		break;

	case PKG_EVENT_DEINSTALL_BEGIN:

		pkg_get(ev->e_deinstall_begin.pkg,
@@ -134,8 +150,7 @@ pipeevent(struct pkg_event *ev)
		    "\"pkgversion\": \"%s\""

		    "}}",

		    name,
- 
		    version
- 
		    );
+ 
		    version);

		break;

	case PKG_EVENT_DEINSTALL_FINISHED:

		pkg_get(ev->e_deinstall_finished.pkg,
@@ -148,8 +163,7 @@ pipeevent(struct pkg_event *ev)
		    "\"pkgversion\": \"%s\""

		    "}}",

		    name,
- 
		    version
- 
		    );
+ 
		    version);

		break;

	case PKG_EVENT_UPGRADE_BEGIN:

		pkg_get(ev->e_upgrade_begin.pkg,
@@ -165,8 +179,7 @@ pipeevent(struct pkg_event *ev)
		    "}}",

		    name,

		    version,
- 
		    newversion
- 
		    );
+ 
		    newversion);

		break;

	case PKG_EVENT_UPGRADE_FINISHED:

		pkg_get(ev->e_upgrade_finished.pkg,
@@ -182,8 +195,7 @@ pipeevent(struct pkg_event *ev)
		    "}}",

		    name,

		    version,
- 
		    newversion
- 
		    );
+ 
		    newversion);

		break;

	case PKG_EVENT_LOCKED:

		pkg_get(ev->e_locked.pkg,
@@ -195,8 +207,7 @@ pipeevent(struct pkg_event *ev)
		    "\"pkgversion\": \"%s\""

		    "}}",

		    name,
- 
		    version
- 
		    );
+ 
		    version);

		break;

	case PKG_EVENT_REQUIRED:

		pkg_get(ev->e_required.pkg,
@@ -267,7 +278,7 @@ pipeevent(struct pkg_event *ev)
		    "}}",

		    name,

		    version,
- 
		    pkg_file_path(ev->e_file_mismatch.file));
+ 
		    sbuf_json_escape(buf, pkg_file_path(ev->e_file_mismatch.file)));

		break;

	case PKG_EVENT_PLUGIN_ERRNO:

		sbuf_printf(msg, "{ \"type\": \"ERROR_PLUGIN\", "
@@ -277,8 +288,10 @@ pipeevent(struct pkg_event *ev)
		    "\"errno\": %d"

		    "}}",

		    pkg_plugin_get(ev->e_plugin_errno.plugin, PKG_PLUGIN_NAME),
- 
		    ev->e_plugin_errno.func, ev->e_plugin_errno.arg,
- 
		    strerror(ev->e_plugin_errno.no), ev->e_plugin_errno.no);
+ 
		    sbuf_json_escape(buf, ev->e_plugin_errno.func),
+ 
		    sbuf_json_escape(buf, ev->e_plugin_errno.arg),
+ 
		    sbuf_json_escape(buf, strerror(ev->e_plugin_errno.no)),
+ 
		    ev->e_plugin_errno.no);

		break;

	case PKG_EVENT_PLUGIN_ERROR:

		sbuf_printf(msg, "{ \"type\": \"ERROR_PLUGIN\", "
@@ -287,7 +300,7 @@ pipeevent(struct pkg_event *ev)
		    "\"msg\": \"%s\""

		    "}}",

		    pkg_plugin_get(ev->e_plugin_error.plugin, PKG_PLUGIN_NAME),
- 
		    ev->e_plugin_error.msg);
+ 
		    sbuf_json_escape(buf, ev->e_plugin_error.msg));

		break;

	case PKG_EVENT_PLUGIN_INFO:

		sbuf_printf(msg, "{ \"type\": \"INFO_PLUGIN\", "
@@ -296,13 +309,15 @@ pipeevent(struct pkg_event *ev)
		    "\"msg\": \"%s\""

		    "}}",

		    pkg_plugin_get(ev->e_plugin_info.plugin, PKG_PLUGIN_NAME),
- 
		    ev->e_plugin_info.msg);
+ 
		    sbuf_json_escape(buf, ev->e_plugin_info.msg));

		break;

	default:

		break;

	}

	sbuf_finish(msg);

	dprintf(eventpipe, "%s\n", sbuf_data(msg));
+ 
	sbuf_delete(msg);
+ 
	sbuf_delete(buf);

}



void