projects / citadel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 814d4be)
check template token name for invalid chars; that way we find ')' etc.
authorWilfried Goesgens <dothebart@citadel.org>
Sat, 30 Jul 2011 16:23:32 +0000 (16:23 +0000)
committerWilfried Goesgens <dothebart@citadel.org>
Sun, 4 Sep 2011 21:44:36 +0000 (21:44 +0000)
webcit/subst.c patch | blob | history

diff --git a/webcit/subst.c b/webcit/subst.c
index 4048579ed244c31d4d65b7c126f6638808723508..54a59a425487e7ec8c45c9a5997dfb5c367fc922 100644 (file)
--- a/webcit/subst.c
+++ b/webcit/subst.c
@@ -1016,6 +1016,25 @@ WCTemplateToken *NewTemplateSubstitute(StrBuf *Buf,
        switch (NewToken->Flags) {
        case 0:
                /* If we're able to find out more about the token, do it now while its fresh. */
+               pch = NewToken->pName;
+               while (pch <  NewToken->pName + NewToken->NameEnd)
+               {
+                       if (((*pch >= 'A') && (*pch <= 'Z')) || 
+                           ((*pch >= '0') && (*pch <= '9')) ||
+                           (*pch == ':') || 
+                           (*pch == '-') ||
+                           (*pch == '_')) 
+                               pch ++;
+                       else
+                       {
+                               LogTemplateError(
+                                       NULL, "Token Name", ERR_NAME, &TP,
+                                       "contains illegal char: '%c'", 
+                                       *pch);
+                               pch++;
+                       }
+
+               }
                if (GetHash(GlobalNS, NewToken->pName, NewToken->NameEnd, &vVar)) {
                        HashHandler *Handler;
                        Handler = (HashHandler*) vVar;
Citadel server, clients, utilities