提交 7afe94e7 编写于 作者: D Daniel Veillard

* src/buf.c: avoid an XML attribute escaping bug #499791

daniel
上级 0d11a25e
Wed May 13 18:06:17 CEST 2009 Daniel Veillard <veillard@redhat.com>
* src/buf.c: avoid an XML attribute escaping bug #499791
Wed May 13 12:34:06 BST 2009 Daniel P. Berrange <berrange@redhat.com>
* src/lxc_container.c: Replace sys/capability.h with
......
......@@ -266,7 +266,7 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
return;
len = strlen(str);
if (VIR_ALLOC_N(escaped, 5 * len + 1) < 0) {
if (VIR_ALLOC_N(escaped, 6 * len + 1) < 0) {
virBufferNoMemory(buf);
return;
}
......@@ -290,6 +290,20 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
*out++ = 'm';
*out++ = 'p';
*out++ = ';';
} else if (*cur == '"') {
*out++ = '&';
*out++ = 'q';
*out++ = 'u';
*out++ = 'o';
*out++ = 't';
*out++ = ';';
} else if (*cur == '\'') {
*out++ = '&';
*out++ = 'a';
*out++ = 'p';
*out++ = 'o';
*out++ = 's';
*out++ = ';';
} else if ((*cur >= 0x20) || (*cur == '\n') || (*cur == '\t') ||
(*cur == '\r')) {
/*
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册