New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unescaped pathnames may be printed in error cases #2107
Comments
Good idea! Should such escaping be ASCII-centric or should it try to accommodate UTF-8?
|
Yeah, that's a good question :) Putting the onus on the consumer (e.g. bsdtar) makes it easier to determine if the escaping should be be context-dependent (e.g. based on IMO escaping control characters is sufficient, since it's really terminal escapes that we want to avoid and the failure mode of not escaping >127 in a non-UTF-8 context is presumably just printing some garbage characters. (That said, what does safe_fprintf do today?) |
From the comments in safe_fprintf:
|
Hmmm..... that seems reasonable enough in the context of immediately printing a string. If we were to change this to quote pathnames inside of the library when building the error string, I'm not sure such an approach would be appropriate. There, we might be better off just quoting any byte value less than 32. |
Archive-provided pathnames may appear in error strings - some examples in #1609, and in particular #1609 (comment).
The change in #1609 improved an error message, to address issue #1561. In addition the change switched one case that printed an error string from
safe_fprintf
tofprintf
. That case was switched back tosafe_fprintf
in #2101. There are however a number of other code paths that print error strings without escaping, vialafe_errc
orlafe_warnc
(and are completely independent of the changes in #1609).As @jsonn suggests in #1609 (comment) we may consider escaping these when adding them to an error string.
The text was updated successfully, but these errors were encountered: