cd544e548b
giveup changed to filter out control characters.

(It is too low level to make it use StringContainingQuotedPath.)

error still does not, but it should only be used for internal errors, where the message is not attacker-controlled.

Changed a lot of existing error to giveup when it is not strictly an internal error.

Of course, other exceptions can still be thrown, either by code in git-annex, or a library, that include some attacker-controlled value. This does not guard against those.

Sponsored-by: Noam Kremen on Patreon
24 lines
627 B
Haskell
{- Safe output to the terminal of possibly attacker-controlled strings,
 - avoiding displaying control characters.
 -
 - Copyright 2023 Joey Hess <id@joeyh.name>
 -
 - License: BSD-2-clause
 -}

{-# LANGUAGE TypeSynonymInstances, FlexibleInstances #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}

module Utility.SafeOutput (safeOutput) where

import Data.Char
import qualified Data.ByteString as S

class SafeOutputtable t where
	safeOutput :: t -> t

instance SafeOutputtable String where
	safeOutput = filter (not . isControl)

instance SafeOutputtable S.ByteString where
	safeOutput = S.filter (not . isControl . chr . fromIntegral)
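An added example (not git-annex code) that applies the two instances above to constructed inputs: a filename carrying an ANSI erase-line sequence and a UTF-8 encoded name. The class is restated so the file compiles on its own; `hostileName` and `utf8Name` are made-up sample values.

```haskell
{-# LANGUAGE FlexibleInstances #-}
-- Added example, not part of git-annex. The class and instances restate
-- the ones in Utility.SafeOutput so this file compiles stand-alone.
module Main (main) where

import Data.Char (chr, isControl)
import qualified Data.ByteString as S

class SafeOutputtable t where
    safeOutput :: t -> t

instance SafeOutputtable String where
    safeOutput = filter (not . isControl)

instance SafeOutputtable S.ByteString where
    safeOutput = S.filter (not . isControl . chr . fromIntegral)

-- Constructed sample: a filename with ESC[2K (erase line) and a carriage
-- return embedded, the kind of value the header comment calls
-- "possibly attacker-controlled".
hostileName :: String
hostileName = "evil.sh\ESC[2K\rharmless.txt"

-- Constructed sample: the letter f, then U+0100 encoded as UTF-8
-- (0xC4 0x80), then a newline byte.
utf8Name :: S.ByteString
utf8Name = S.pack [0x66, 0xC4, 0x80, 0x0A]

main :: IO ()
main = do
    -- show escapes control characters, so the raw value is safe to print here.
    putStrLn ("raw string:      " ++ show hostileName)
    putStrLn ("filtered string: " ++ show (safeOutput hostileName))
    -- Bytes are printed as numbers to make the per-byte filtering visible.
    putStrLn ("raw bytes:       " ++ show (S.unpack utf8Name))
    putStrLn ("filtered bytes:  " ++ show (S.unpack (safeOutput utf8Name)))
```

The filter removes the ESC and CR characters but leaves the printable remainder `[2K` of the sequence in place, and because the ByteString instance tests each byte as a code point, the 0x80 continuation byte of the UTF-8 name is dropped along with the newline.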