diff options
author | kwolekr <kwolekr@minetest.net> | 2014-12-09 23:52:13 -0500 |
---|---|---|
committer | kwolekr <kwolekr@minetest.net> | 2014-12-09 23:52:13 -0500 |
commit | 88c28414f4a88c8d66f9cadb150896f9e25527ae (patch) | |
tree | 86fa93a500aa4443eff36e49b9c5cae897acc16b /src/settings.cpp | |
parent | d50878d608fdea2be890ff75b93212f5bba1d6f8 (diff) | |
download | minetest-88c28414f4a88c8d66f9cadb150896f9e25527ae.tar.gz minetest-88c28414f4a88c8d66f9cadb150896f9e25527ae.tar.bz2 minetest-88c28414f4a88c8d66f9cadb150896f9e25527ae.zip |
Settings: Sanitize setting name everywhere, not just LuaSettings
Diffstat (limited to 'src/settings.cpp')
-rw-r--r-- | src/settings.cpp | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/src/settings.cpp b/src/settings.cpp index 487b3da78..aec4b8f65 100644 --- a/src/settings.cpp +++ b/src/settings.cpp @@ -63,16 +63,6 @@ Settings & Settings::operator = (const Settings &other) } -std::string Settings::sanitizeString(const std::string &value) -{ - std::string str = value; - for (const char *s = "\t\n\v\f\r\b =\""; *s; s++) - str.erase(std::remove(str.begin(), str.end(), *s), str.end()); - - return str; -} - - std::string Settings::getMultiline(std::istream &is, size_t *num_lines) { size_t lines = 1; @@ -689,10 +679,16 @@ void Settings::setEntry(const std::string &name, const void *data, { Settings *old_group = NULL; + // Strip any potentially dangerous characters from the name (note the value + // has no such restrictions) + std::string n(name); + for (const char *s = "\t\n\v\f\r\b =\""; *s; s++) + n.erase(std::remove(n.begin(), n.end(), *s), n.end()); + { JMutexAutoLock lock(m_mutex); - SettingsEntry &entry = set_default ? m_defaults[name] : m_settings[name]; + SettingsEntry &entry = set_default ? m_defaults[n] : m_settings[n]; old_group = entry.group; entry.value = set_group ? "" : *(const std::string *)data; |