util.format: Escape ASCII control characters in output

This should offer some protection against doing evil things to terminals. Doesn't protect against pure broken UTF-8 garbage however. See #734
2025-04-03 21:27:38 +03:00 · 2021-06-15 23:24:23 +02:00 · 2021-06-15 23:24:23 +02:00 · 3f1d93bb4e
commit 3f1d93bb4e
parent e21e4b2b24
2 changed files with 21 additions and 1 deletions
--- a/spec/util_format_spec.lua
+++ b/spec/util_format_spec.lua
@ -15,5 +15,10 @@ describe("util.format", function()
 			assert.equal("[1.5]", format("%d", 1.5));
 			assert.equal("[7.3786976294838e+19]", format("%d", 73786976294838206464));
 		end);
+
+		it("escapes ascii control stuff", function ()
+			assert.equal("␁", format("%s", "\1"));
+		end);
+
 	end);
 end);