Skip to content

Commit

Permalink
Sanitize the content of blob (contains controls characters like '\n')
Browse files Browse the repository at this point in the history
  • Loading branch information
@dinosaure
dinosaure committed Nov 10, 2015
1 parent b083f20 commit 5fb4b86
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion lib/github_core.ml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1713,12 +1713,22 @@ module Make(Time : Github_s.Time)(CL : Cohttp_lwt.Client) = struct
[ `Base64
| `Utf8 ]

let sanitize x =
let result = Buffer.create (String.length x) in
for i = 0 to String.length x - 1 do
if String.unsafe_get x i >= '\000' && String.unsafe_get x i <= '\031'
|| String.unsafe_get x i = '\127'
then () (* ignore CTLs characters *)
else Buffer.add_char result (String.unsafe_get x i)
done;
Buffer.contents result

let encode ~encoding content = match encoding with
| `Base64 -> B64.encode content
| `Utf8 -> content

let decode ~encoding content = match encoding with
| `Base64 -> B64.decode content
| `Base64 -> sanitize content |> B64.decode
| `Utf8 -> content

let of_string = function
Expand Down

1 comment on commit 5fb4b86

@dsheets
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feels very heavy-weight for the issue at hand. It does lots of copying, doesn't handle characters larger than 127, and hides potential errors. I'd prefer if this important and common issue were address by ocaml-base64 so I've opened mirage/ocaml-base64#5 and mirage/ocaml-base64#6.

Please sign in to comment.