aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorkwolekr <kwolekr@minetest.net>2014-12-09 23:52:13 -0500
committerkwolekr <kwolekr@minetest.net>2014-12-09 23:52:13 -0500
commit88c28414f4a88c8d66f9cadb150896f9e25527ae (patch)
tree86fa93a500aa4443eff36e49b9c5cae897acc16b /src
parentd50878d608fdea2be890ff75b93212f5bba1d6f8 (diff)
downloadminetest-88c28414f4a88c8d66f9cadb150896f9e25527ae.tar.gz
minetest-88c28414f4a88c8d66f9cadb150896f9e25527ae.tar.bz2
minetest-88c28414f4a88c8d66f9cadb150896f9e25527ae.zip
Settings: Sanitize setting name everywhere, not just LuaSettings
Diffstat (limited to 'src')
-rw-r--r--src/script/lua_api/l_settings.cpp2
-rw-r--r--src/settings.cpp18
-rw-r--r--src/settings.h2
-rw-r--r--src/test.cpp4
4 files changed, 12 insertions, 14 deletions
diff --git a/src/script/lua_api/l_settings.cpp b/src/script/lua_api/l_settings.cpp
index c2c6f009d..13a88ee95 100644
--- a/src/script/lua_api/l_settings.cpp
+++ b/src/script/lua_api/l_settings.cpp
@@ -73,7 +73,7 @@ int LuaSettings::l_set(lua_State* L)
std::string key = std::string(luaL_checkstring(L, 2));
const char* value = luaL_checkstring(L, 3);
- o->m_settings->set(Settings::sanitizeString(key), value);
+ o->m_settings->set(key, value);
return 1;
}
diff --git a/src/settings.cpp b/src/settings.cpp
index 487b3da78..aec4b8f65 100644
--- a/src/settings.cpp
+++ b/src/settings.cpp
@@ -63,16 +63,6 @@ Settings & Settings::operator = (const Settings &other)
}
-std::string Settings::sanitizeString(const std::string &value)
-{
- std::string str = value;
- for (const char *s = "\t\n\v\f\r\b =\""; *s; s++)
- str.erase(std::remove(str.begin(), str.end(), *s), str.end());
-
- return str;
-}
-
-
std::string Settings::getMultiline(std::istream &is, size_t *num_lines)
{
size_t lines = 1;
@@ -689,10 +679,16 @@ void Settings::setEntry(const std::string &name, const void *data,
{
Settings *old_group = NULL;
+ // Strip any potentially dangerous characters from the name (note the value
+ // has no such restrictions)
+ std::string n(name);
+ for (const char *s = "\t\n\v\f\r\b =\""; *s; s++)
+ n.erase(std::remove(n.begin(), n.end(), *s), n.end());
+
{
JMutexAutoLock lock(m_mutex);
- SettingsEntry &entry = set_default ? m_defaults[name] : m_settings[name];
+ SettingsEntry &entry = set_default ? m_defaults[n] : m_settings[n];
old_group = entry.group;
entry.value = set_group ? "" : *(const std::string *)data;
diff --git a/src/settings.h b/src/settings.h
index 7241877bd..cf27f2620 100644
--- a/src/settings.h
+++ b/src/settings.h
@@ -55,6 +55,7 @@ struct ValueSpec {
type = a_type;
help = a_help;
}
+
ValueType type;
const char *help;
};
@@ -112,7 +113,6 @@ public:
const std::string &end, u32 tab_depth=0);
static std::string getMultiline(std::istream &is, size_t *num_lines=NULL);
- static std::string sanitizeString(const std::string &value);
static void printEntry(std::ostream &os, const std::string &name,
const SettingsEntry &entry, u32 tab_depth=0);
diff --git a/src/test.cpp b/src/test.cpp
index 63d8219a9..adae8ff57 100644
--- a/src/test.cpp
+++ b/src/test.cpp
@@ -531,7 +531,9 @@ struct TestSettings: public TestBase
group2->setS16("num_oranges", 53);
group2->setGroup("animals", group3);
group2->set("animals", "cute"); //destroys group 3
- s.setGroup("groupy_thing", group2);
+
+ // the bad chars in here should be stripped
+ s.setGroup("groupy \"_\" thing", group2);
// Test multiline settings
UASSERT(group->get("ccc") == "testy\n testa ");