Mercurial > hg > release > icedtea6-1.8

changeset 1877:c399b5cbbbaf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Encode new lines, carriage returns, and other special characters before sending them to Java side (de-coding code is already in effect on Java side).
author Deepak Bhole <dbhole@redhat.com>
date Wed, 03 Feb 2010 11:59:46 -0500
parents 55c898e59858
children 748156804502
files ChangeLog plugin/icedteanp/IcedTeaNPPlugin.cc
diffstat 2 files changed, 37 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Wed Feb 03 13:30:49 2010 +0100
+++ b/ChangeLog	Wed Feb 03 11:59:46 2010 -0500
@@ -1,3 +1,10 @@
+2010-02-03  Deepak Bhole <dbhole@redhat.com>
+
+	* plugin/icedteanp/IcedTeaNPPlugin.cc 
+	(plugin_create_applet_tag): Encode new lines, carriage returns, and other
+	special characters before sending them to Java side (de-coding code is
+	already in effect on Java side).
+
 2010-02-03 Pavel Tisnovsky <ptisnovs@redhat.com>
 
 	* Makefile.am: Add new patch.
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc	Wed Feb 03 13:30:49 2010 +0100
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc	Wed Feb 03 11:59:46 2010 -0500
@@ -1575,13 +1575,40 @@
           // characters will pass through the pipe.
           if (argv[i] != '\0')
             {
-              gchar* escaped = NULL;
+              // worst case scenario -> all characters are newlines or
+              // returns, each of which translates to 5 substitutions
+              char* escaped = (char*) calloc(((strlen(argv[i])*5)+1), sizeof(char));
 
-              escaped = g_strescape (argv[i], NULL);
+              strcpy(escaped, "");
+              for (int j=0; j < strlen(argv[i]); j++)
+              {
+                  if (argv[i][j] == '\r')
+                      strcat(escaped, "&#13;");
+                  else if (argv[i][j] == '\n')
+                      strcat(escaped, "&#10;");
+                  else if (argv[i][j] == '>')
+                      strcat(escaped, "&gt;");
+                  else if (argv[i][j] == '<')
+                      strcat(escaped, "&lt;");
+                  else if (argv[i][j] == '&')
+                      strcat(escaped, "&amp;");
+                  else
+                  {
+                      char* orig_char = (char*) calloc(2, sizeof(char));
+                      orig_char[0] = argv[i][j];
+                      orig_char[1] = '\0';
+
+                      strcat(escaped, orig_char);
+
+                      free(orig_char);
+                      orig_char = NULL;
+                  }
+              }
+
               parameters = g_strconcat (parameters, "<PARAM NAME=\"", argn[i],
                                         "\" VALUE=\"", escaped, "\">", NULL);
 
-              g_free (escaped);
+              free (escaped);
               escaped = NULL;
             }
         }