Message ID | 20210715141553.17944-1-JPEWhacker@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | mongoose: Escape JSON strings | expand |
Hi Joshua, On 15.07.21 16:15, Joshua Watt wrote: > Adds escaping of JSON strings which prevents errors when there are > quotes in the encapsulated string > > Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> > --- > mongoose/mongoose_interface.c | 13 ++++++++++--- > 1 file changed, 10 insertions(+), 3 deletions(-) > > diff --git a/mongoose/mongoose_interface.c b/mongoose/mongoose_interface.c > index 5dc99f1..b6da93d 100644 > --- a/mongoose/mongoose_interface.c > +++ b/mongoose/mongoose_interface.c > @@ -183,6 +183,7 @@ static void *broadcast_progress_thread(void *data) > struct mg_mgr *mgr = (struct mg_mgr *) data; > struct progress_msg msg; > char str[512]; > + char escaped[512]; > int ret; > > if (fd < 0) > @@ -202,12 +203,14 @@ static void *broadcast_progress_thread(void *data) > if (msg.status != status || msg.status == FAILURE) { > status = msg.status; > > + snescape(escaped, sizeof(escaped), get_status_string(msg.status)); > + > snprintf(str, sizeof(str), > "{\r\n" > "\t\"type\": \"status\",\r\n" > "\t\"status\": \"%s\"\r\n" > "}\r\n", > - get_status_string(msg.status)); > + escaped); > broadcast(mgr, str); > } > > @@ -230,12 +233,14 @@ static void *broadcast_progress_thread(void *data) > } > > if (msg.infolen) { > + snescape(escaped, sizeof(escaped), msg.info); > + > snprintf(str, sizeof(str), > "{\r\n" > "\t\"type\": \"info\",\r\n" > "\t\"source\": \"%s\"\r\n" > "}\r\n", > - msg.info); > + escaped); > broadcast(mgr, str); > } > > @@ -244,6 +249,8 @@ static void *broadcast_progress_thread(void *data) > step = msg.cur_step; > percent = msg.cur_percent; > > + snescape(escaped, sizeof(escaped), msg.cur_step ? msg.cur_image: ""); > + > snprintf(str, sizeof(str), > "{\r\n" > "\t\"type\": \"step\",\r\n" > @@ -254,7 +261,7 @@ static void *broadcast_progress_thread(void *data) > "}\r\n", > msg.nsteps, > msg.cur_step, > - msg.cur_step ? msg.cur_image: "", > + escaped, > msg.cur_percent); > broadcast(mgr, str); > } > Acked-by: Stefano Babic <sbabic@denx.de> Best regards, Stefano Babic
diff --git a/mongoose/mongoose_interface.c b/mongoose/mongoose_interface.c index 5dc99f1..b6da93d 100644 --- a/mongoose/mongoose_interface.c +++ b/mongoose/mongoose_interface.c @@ -183,6 +183,7 @@ static void *broadcast_progress_thread(void *data) struct mg_mgr *mgr = (struct mg_mgr *) data; struct progress_msg msg; char str[512]; + char escaped[512]; int ret; if (fd < 0) @@ -202,12 +203,14 @@ static void *broadcast_progress_thread(void *data) if (msg.status != status || msg.status == FAILURE) { status = msg.status; + snescape(escaped, sizeof(escaped), get_status_string(msg.status)); + snprintf(str, sizeof(str), "{\r\n" "\t\"type\": \"status\",\r\n" "\t\"status\": \"%s\"\r\n" "}\r\n", - get_status_string(msg.status)); + escaped); broadcast(mgr, str); } @@ -230,12 +233,14 @@ static void *broadcast_progress_thread(void *data) } if (msg.infolen) { + snescape(escaped, sizeof(escaped), msg.info); + snprintf(str, sizeof(str), "{\r\n" "\t\"type\": \"info\",\r\n" "\t\"source\": \"%s\"\r\n" "}\r\n", - msg.info); + escaped); broadcast(mgr, str); } @@ -244,6 +249,8 @@ static void *broadcast_progress_thread(void *data) step = msg.cur_step; percent = msg.cur_percent; + snescape(escaped, sizeof(escaped), msg.cur_step ? msg.cur_image: ""); + snprintf(str, sizeof(str), "{\r\n" "\t\"type\": \"step\",\r\n" @@ -254,7 +261,7 @@ static void *broadcast_progress_thread(void *data) "}\r\n", msg.nsteps, msg.cur_step, - msg.cur_step ? msg.cur_image: "", + escaped, msg.cur_percent); broadcast(mgr, str); }
Adds escaping of JSON strings which prevents errors when there are quotes in the encapsulated string Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> --- mongoose/mongoose_interface.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-)