2010/8/14 Stephen Boyd <bebarino@xxxxxxxxx>:
> On 08/03/2010 02:50 PM, Jakub Narebski wrote:
>>
>> +
>> + my $title = to_utf8("Search for commits $performed by $author");
>> + $title =~ s/[[:cntrl:]]/?/g;
>> +
>>
>
> Isn't it possible that other data coming from git could have escape
> characters in them such as the commit subject line? In which case this same
> bug would occur?
>
> Therefore isn't it better to strip out control characters (that's what this
> patch is doing right?) in esc_html?
I don't think stripping them out is the right thing either, hiding
from you that something is Really Wrong (binary garbage in patches)
isn't good.
Something like this would be better:
s/([[:cntrl:]])/sprintf("\\%03x", ord $1)/ge
E.g.:
$ perl -E 'my $s = join "", map { chr } 1 .. 40; $s =~
s/([[:cntrl:]])/sprintf("\\%03x", ord $1)/ge; say $s'
\001\002\003\004\005\006\007\008\009\00a\00b\00c\00d\00e\00f\010\011\012\013\014\015\016\017\018\019\01a\01b\01c\01d\01e\01f
!"#$%&'(
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html