mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 05:37:39 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
12220 commits 12 branches 101 tags 40 MiB
Commit graph

22 commits

Author SHA1 Message Date
Kim Alvefur
c551d3d8dd util.format: Skip control code escaping when doing full serialization 
Fixes that a multi-line string ended up "like\
\9this" instead of "like\nthis" as can be demonstrated by somehow
initiating a connection to a HTTP server.
 2022-01-27 21:14:22 +01:00
Kim Alvefur
0e997ab3f9 util.format: Optimize most common integer format 
A search for log formats in use points to %s being the most common,
followed by %d, so worth having a fast path for that. %g works well with
most numbers and is what Lua 5.1 and 5.2 used
 2021-12-13 16:38:33 +01:00
Kim Alvefur
58c9115351 util.format: Ensure metatable __tostring results are also sanitized 2021-12-13 16:34:55 +01:00
Kim Alvefur
d482ece962 util.format: Fix some formats expecting positive numbers in Lua 5.2 
Amazing how string.format behaves differently under each Lua version
 2021-12-11 20:54:37 +01:00
Kim Alvefur
db41cd8e4d util.format: Fix Lua 5.1 quirks thanks to ALL THE TESTS 2021-12-11 20:40:23 +01:00
Kim Alvefur
0ddd204a27 util.format: Also handle the %p format added in Lua 5.4 2021-12-11 13:39:58 +01:00
Kim Alvefur
1eca4e8870 util.format: Ensure sanitation of strings passed to wrong format 
Ie. log("debug", "%d", "\1\2\3") should not result in garbage.

Also optimizing for the common case of ASCII string passed to %s and
early returns everywhere.

Returning nil from a gsub callback keeps the original substring.
 2021-12-11 13:30:34 +01:00
Kim Alvefur
d4c1451794 util.format: Escape invalid UTF-8 by passing trough serialization 
Should prevent invalid UTF-8 from making it into the logs, which can
cause trouble with terminals or log viewers or other tools, such as when
grep determines that log files are binary.
 2021-12-10 22:48:45 +01:00
Kim Alvefur
130f74381c util.format: Escape ASCII control characters also in extra arguments 2021-07-03 04:35:29 +02:00
Kim Alvefur
7e09f662cb util.format: Allow newlines but ensure following lines are indented 
This should a) prevent injection of text that looks like legitimate log
lines and b) not mangle tracebacks.
 2021-07-03 04:29:25 +02:00
Kim Alvefur
f179b18e2b util.format: Fix missing backslash in pattern 
Made the pattern match a longer range than intended, but with no effect
since those characters are not present in the 'control_symbols' table.
 2021-07-03 04:24:13 +02:00
Kim Alvefur
6e037dc045 util.format: Change formatting of nil values to avoid looking like XML 2021-06-29 16:18:31 +02:00
Kim Alvefur
3f1d93bb4e util.format: Escape ASCII control characters in output 
This should offer some protection against doing evil things to
terminals. Doesn't protect against pure broken UTF-8 garbage however.

See #734
 2021-06-15 23:24:23 +02:00
Kim Alvefur
2661a6f5a3 util.format: Handle integer formats the same way on Lua versions without integer support 2019-05-30 13:54:11 +02:00
Kim Alvefur
236abc4afe util.format: Handle formats expecting an integer in Lua 5.3+ (fixes #1371) 2019-05-30 13:41:05 +02:00
Kim Alvefur
177420df39 util.format: Serialize values for the %q format 
Improves eg debug logs
 2018-10-12 01:29:34 +02:00
Kim Alvefur
01deb521fd util.format: Use pack from util.table 2018-12-08 16:35:39 +01:00
Kim Alvefur
d007771f8d util.format: Tweak how nil values are handled 
Because [<nil>] seems exsessive
 2018-11-28 20:36:53 +01:00
Kim Alvefur
2facc56274 util.format: Import unpack from table lib in Lua 5.2+ 2017-11-23 20:55:21 +01:00
Kim Alvefur
0c4ad0fdbc util.format: Move tests to spec/ 2017-11-10 05:46:39 +01:00
Kim Alvefur
1438a38845 util: Various minor changes to please [luacheck] 2017-11-10 05:42:32 +01:00
Waqas Hussain
347f3ab6a3 util.format: A string.format wrapper that gracefully handles invalid arguments 2017-09-10 12:42:05 -04:00