diff mbox

[v2] localedef: check LC_IDENTIFICATION.category values

Message ID 1460668862-10196-1-git-send-email-vapier@gentoo.org
State New
Headers show

Commit Message

Mike Frysinger April 14, 2016, 9:21 p.m. UTC 
Currently localedef accepts any value for the category keyword.  This has
allowed bad values to propagate to the vast majority of locales (~90%).
Add some logic to only accept a few standards.

2016-04-13  Mike Frysinger  <vapier@gentoo.org>

	* locale/programs/ld-identification.c (identification_finish): Check
	that the values in identification->category are only known.
---
v2:
	- tweak list of accepted standards

 locale/programs/ld-identification.c | 43 +++++++++++++++++++++++++++++++------
 1 file changed, 36 insertions(+), 7 deletions(-)

Comments

Carlos O'Donell April 15, 2016, 4:44 a.m. UTC | #1 
On 04/14/2016 05:21 PM, Mike Frysinger wrote:
> Currently localedef accepts any value for the category keyword.  This has
> allowed bad values to propagate to the vast majority of locales (~90%).
> Add some logic to only accept a few standards.
> 
> 2016-04-13  Mike Frysinger  <vapier@gentoo.org>
> 
> 	* locale/programs/ld-identification.c (identification_finish): Check
> 	that the values in identification->category are only known.
> ---
> v2:
> 	- tweak list of accepted standards

OK if you expand the comment "Only list the standards we care about." to
list the standards we reviewed when making this list, that way a future
developers can review.
Mike Frysinger April 15, 2016, 4:46 p.m. UTC | #2 
On 15 Apr 2016 00:44, Carlos O'Donell wrote:
> On 04/14/2016 05:21 PM, Mike Frysinger wrote:
> > Currently localedef accepts any value for the category keyword.  This has
> > allowed bad values to propagate to the vast majority of locales (~90%).
> > Add some logic to only accept a few standards.
> > 
> > 2016-04-13  Mike Frysinger  <vapier@gentoo.org>
> > 
> > 	* locale/programs/ld-identification.c (identification_finish): Check
> > 	that the values in identification->category are only known.
> > ---
> > v2:
> > 	- tweak list of accepted standards
> 
> OK if you expand the comment "Only list the standards we care about." to
> list the standards we reviewed when making this list, that way a future
> developers can review.

ok, i've written:
          /* Only list the standards we care about.  This is based on the
             ISO 30112 WD10 [2014] standard which supersedes all previous
             revisions of the ISO 14652 standard.  */ 
-mike
diff mbox

Patch

diff --git a/locale/programs/ld-identification.c b/locale/programs/ld-identification.c
index 1e8fa84..9234304 100644
--- a/locale/programs/ld-identification.c
+++ b/locale/programs/ld-identification.c
@@ -164,14 +164,43 @@  No definition for %s category found"), "LC_IDENTIFICATION"));
   TEST_ELEM (date);
 
   for (num = 0; num < __LC_LAST; ++num)
-    if (num != LC_ALL && identification->category[num] == NULL)
-      {
-	if (verbose && ! nothing)
-	  WITH_CUR_LOCALE (error (0, 0, _("\
+    {
+      /* We don't accept/parse this category, so skip it early.  */
+      if (num == LC_ALL)
+	continue;
+
+      if (identification->category[num] == NULL)
+	{
+	  if (verbose && ! nothing)
+	    WITH_CUR_LOCALE (error (0, 0, _("\
 %s: no identification for category `%s'"),
-				  "LC_IDENTIFICATION", category_name[num]));
-	identification->category[num] = "";
-      }
+				    "LC_IDENTIFICATION", category_name[num]));
+	  identification->category[num] = "";
+	}
+      else
+	{
+	  /* Only list the standards we care about.  */
+	  static const char * const standards[] =
+	    {
+	      "posix:1993",
+	      "i18n:2004",
+	      "i18n:2012",
+	    };
+	  size_t i;
+	  bool matched = false;
+
+	  for (i = 0; i < sizeof (standards) / sizeof (standards[0]); ++i)
+	    if (strcmp (identification->category[num], standards[i]) == 0)
+	      matched = true;
+
+	  if (matched != true)
+	    WITH_CUR_LOCALE (error (0, 0, _("\
+%s: unknown standard `%s' for category `%s'"),
+				    "LC_IDENTIFICATION",
+				    identification->category[num],
+				    category_name[num]));
+	}
+    }
 }