nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-06-30 19:12:48 -05:00
Code Issues Projects Releases Wiki Activity

Rework handling of untrusted terminal data.

Browse Source 
Now there's a centralised routine in misc.c to do the sanitisation,
which copies data on to an outgoing bufchain. This allows me to remove
from_backend_untrusted() completely from the frontend API, simplifying
code in several places.

Two use cases for untrusted-terminal-data sanitisation were in the
terminal.c prompts handler, and in the collection of SSH-2 userauth
banners. Both of those were writing output to a bufchain anyway, so
it was very convenient to just replace a bufchain_add with
sanitise_term_data and then not have to worry about it again.

There was also a simplistic sanitiser in uxcons.c, which I've now
replaced with a call to the good one - and in wincons.c there was a
FIXME saying I ought to get round to that, which now I have!
This commit is contained in:
Simon Tatham
2018-09-19 18:22:36 +01:00
parent af8e526a7d
commit 63a14f26f7
13 changed files with 64 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
terminal.c
View File

@ -6624,10 +6624,8 @@ int term_ldisc(Terminal *term, int option)
return FALSE;
}
int term_data(Terminal *term, int is_stderr, const void *data, int len)
static void term_added_data(Terminal *term)
{
bufchain_add(&term->inbuf, data, len);
if (!term->in_term_out) {
term->in_term_out = TRUE;
term_reset_cblink(term);
@ -6640,6 +6638,12 @@ int term_data(Terminal *term, int is_stderr, const void *data, int len)
term_out(term);
term->in_term_out = FALSE;
}
}
int term_data(Terminal *term, int is_stderr, const void *data, int len)
{
bufchain_add(&term->inbuf, data, len);
term_added_data(term);
/*
* term_out() always completely empties inbuf. Therefore,
@ -6663,23 +6667,10 @@ int term_data(Terminal *term, int is_stderr, const void *data, int len)
return 0;
}
/*
* Write untrusted data to the terminal.
* The only control character that should be honoured is \n (which
* will behave as a CRLF).
*/
int term_data_untrusted(Terminal *term, const void *vdata, int len)
static void term_data_untrusted(Terminal *term, const void *data, int len)
{
const char *data = (const char *)vdata;
int i;
/* FIXME: more sophisticated checking? */
for (i = 0; i < len; i++) {
if (data[i] == '\n')
term_data(term, 1, "\r\n", 2);
else if (data[i] & 0x60)
term_data(term, 1, data + i, 1);
}
return 0; /* assumes that term_data() always returns 0 */
sanitise_term_data(&term->inbuf, data, len);
term_added_data(term);
}
void term_provide_logctx(Terminal *term, LogContext *logctx)