PERFORCE change 181839 for review
Hans Petter Selasky
hselasky at FreeBSD.org
Wed Aug 4 16:14:43 UTC 2010
http://p4web.freebsd.org/@@181839?ac=10
Change 181839 by hselasky at hselasky_laptop001 on 2010/08/04 16:14:14
USB core:
- be more strict filtering strings.
Affected files ...
.. //depot/projects/usb/src/sys/dev/usb/usb_request.c#39 edit
Differences ...
==== //depot/projects/usb/src/sys/dev/usb/usb_request.c#39 (text+ko) ====
@@ -1029,14 +1029,22 @@
}
/*
- * Filter by default - we don't allow greater and less than
- * signs because they might confuse the dmesg printouts!
+ * Filter by default - We only allow alphanumerical
+ * and a few more to avoid any problems with scripts
+ * and daemons.
*/
- if ((*s == '<') || (*s == '>') || (!isprint(*s))) {
- /* silently skip bad character */
- continue;
+ if (((*s >= 'a') && (*s <= 'z')) ||
+ ((*s >= 'A') && (*s <= 'Z')) ||
+ ((*s >= '0') && (*s <= '9')) ||
+ (*s == '-') ||
+ (*s == '+') ||
+ (*s == ' ') ||
+ (*s == '.') ||
+ (*s == ',')) {
+ /* allowed */
+ s++;
}
- s++;
+ /* silently skip bad character */
}
*s = 0; /* zero terminate resulting string */
return (USB_ERR_NORMAL_COMPLETION);
More information about the p4-projects
mailing list