XML encode the strings in the device description (b/17754708)
Change-Id: I8d05e92178835984b4e540ea824470f060c22c5e
diff --git a/src/server/quick_ssdp.c b/src/server/quick_ssdp.c
index 7c3a3ae..3a399ea 100644
--- a/src/server/quick_ssdp.c
+++ b/src/server/quick_ssdp.c
@@ -34,6 +34,7 @@
#include <unistd.h>
#include "mongoose.h"
+#include "url_lib.h"
// TODO: Partners should define this port
#define SSDP_PORT (56790)
@@ -208,20 +209,17 @@
socklen_t len = sizeof(sa);
if(pFriendlyName) {
- strncpy(friendly_name, pFriendlyName, sizeof(friendly_name));
- friendly_name[255] = '\0';
+ xmlencode(friendly_name, pFriendlyName, sizeof(friendly_name));
} else {
strcpy(friendly_name, "DIAL server sample");
}
if(pModelName) {
- strncpy(model_name, pModelName, sizeof(model_name));
- model_name[255] = '\0';
+ xmlencode(model_name, pModelName, sizeof(model_name));
} else {
strcpy(model_name, "deadbeef-dead-beef-dead-beefdeadbeef");
}
if(pUuid) {
- strncpy(uuid, pUuid, sizeof(uuid));
- uuid[255] = '\0';
+ xmlencode(uuid, pUuid, sizeof(uuid));
} else {
strcpy(uuid, "deadbeef-dead-beef-dead-beefdeadbeef");
}
diff --git a/src/server/url_lib.c b/src/server/url_lib.c
index 498b221..b743a38 100644
--- a/src/server/url_lib.c
+++ b/src/server/url_lib.c
@@ -87,31 +87,48 @@
void xmlencode(char *dst, const char *src, size_t max_size) {
size_t current_size = 0;
while (*src && current_size < max_size) {
- switch (*src) {
- case '&':
- dst = smartstrcat(dst, "&", max_size - current_size);
- current_size += 5;
- break;
- case '\"':
- dst = smartstrcat(dst, """, max_size - current_size);
- current_size += 6;
- break;
- case '\'':
- dst = smartstrcat(dst, "'", max_size - current_size);
- current_size += 6;
- break;
- case '<':
- dst = smartstrcat(dst, "<", max_size - current_size);
- current_size += 4;
- break;
- case '>':
- dst = smartstrcat(dst, ">", max_size - current_size);
- current_size += 4;
- break;
- default:
- *dst++ = *src;
- current_size++;
- break;
+ // Discard invalid characters for xml encoding, assuming input
+ // shouldn't contain utf.
+ if(!((*src&0x80) ||
+ (*src < 0x20 && *src != 0x09 && *src != 0x0A && *src != 0x0D))) {
+ switch (*src) {
+ case '\t':
+ dst = smartstrcat(dst, "	", max_size - current_size);
+ current_size += 5;
+ break;
+ case '\n':
+ dst = smartstrcat(dst, "
", max_size - current_size);
+ current_size += 5;
+ break;
+ case '\r':
+ dst = smartstrcat(dst, "
", max_size - current_size);
+ current_size += 5;
+ break;
+ case '&':
+ dst = smartstrcat(dst, "&", max_size - current_size);
+ current_size += 5;
+ break;
+ case '\"':
+ dst = smartstrcat(dst, """, max_size - current_size);
+ current_size += 6;
+ break;
+ case '\'':
+ dst = smartstrcat(dst, "'", max_size - current_size);
+ current_size += 6;
+ break;
+ case '<':
+ dst = smartstrcat(dst, "<", max_size - current_size);
+ current_size += 4;
+ break;
+ case '>':
+ dst = smartstrcat(dst, ">", max_size - current_size);
+ current_size += 4;
+ break;
+ default:
+ *dst++ = *src;
+ current_size++;
+ break;
+ }
}
src++;
}
