diff options
author | Guy Harris <guy@alum.mit.edu> | 2015-07-20 10:02:08 -0700 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2015-07-20 17:02:59 +0000 |
commit | 170def95113b0cc21fdfc7dc1182fd01b4910832 (patch) | |
tree | aeed84565bd114bdf88574ce308aa5b9f32718a7 /epan/uat.c | |
parent | 09ae055f231ccd5513bde402ad988c49c017a957 (diff) | |
download | wireshark-170def95113b0cc21fdfc7dc1182fd01b4910832.tar.gz |
Fix escaping of strings in UATs.
Not only must characters that aren't printable ASCII characters be
escaped, backslashes must be escaped (as backslash is an escape
introducer) and double-quotes must be escaped (as double-quotes
encapsulate strings).
When constructing a string to hand to uat_load_str(), escape pathnames,
as they are likely to contain backslashes on Windows, could contain
backslashes on UN*X, and could contain quotes on UN*X and possibly
Windows. (Arguably, we should escape all the string arguments
Bug: 11372
Change-Id: I594840327fa41895130903c3c612ba97d6c29df3
Reviewed-on: https://code.wireshark.org/review/9716
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'epan/uat.c')
-rw-r--r-- | epan/uat.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/epan/uat.c b/epan/uat.c index c285aacae5..73659d57bf 100644 --- a/epan/uat.c +++ b/epan/uat.c @@ -735,11 +735,11 @@ char* uat_esc(const char* buf, guint len) { char* s = out; for (b = (const guint8 *)buf; b < end; b++) { - if (g_ascii_isprint(*b) ) { - *(s++) = (*b); - } else { + if (*b == '"' || *b == '\\' || ! g_ascii_isprint(*b) ) { g_snprintf(s,5,"\\x%.2x",((guint)*b)); s+=4; + } else { + *(s++) = (*b); } } |