From: Wilfried Goesgens <dothebart@citadel.org>
Date: Sat, 30 Jul 2011 16:23:32 +0000 (+0000)
Subject: check template token name for invalid chars; that way we find ')' etc.
X-Git-Tag: v8.11~533
X-Git-Url: https://code.citadel.org/?a=commitdiff_plain;ds=sidebyside;h=d8ffbdf6d717dc1f2ffa82920cefc1a3048b07bc;p=citadel.git

check template token name for invalid chars; that way we find ')' etc.
---

diff --git a/webcit/subst.c b/webcit/subst.c
index 4048579ed..54a59a425 100644
--- a/webcit/subst.c
+++ b/webcit/subst.c
@@ -1016,6 +1016,25 @@ WCTemplateToken *NewTemplateSubstitute(StrBuf *Buf,
 	switch (NewToken->Flags) {
 	case 0:
 		/* If we're able to find out more about the token, do it now while its fresh. */
+		pch = NewToken->pName;
+		while (pch <  NewToken->pName + NewToken->NameEnd)
+		{
+			if (((*pch >= 'A') && (*pch <= 'Z')) || 
+			    ((*pch >= '0') && (*pch <= '9')) ||
+			    (*pch == ':') || 
+			    (*pch == '-') ||
+			    (*pch == '_')) 
+				pch ++;
+			else
+			{
+				LogTemplateError(
+					NULL, "Token Name", ERR_NAME, &TP,
+					"contains illegal char: '%c'", 
+					*pch);
+				pch++;
+			}
+
+		}
 		if (GetHash(GlobalNS, NewToken->pName, NewToken->NameEnd, &vVar)) {
 			HashHandler *Handler;
 			Handler = (HashHandler*) vVar;