Software /
code /
prosody
Annotate
util/format.lua @ 12943:297b4cfcc3d9
util.jsonschema: Ignore some new tests in test suite
These seem to be using absolute URI references, Not Yet Implemented
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 11 Mar 2023 12:01:17 +0100 |
parent | 12781:22066b02887f |
child | 12975:d10957394a3c |
rev | line source |
---|---|
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 -- |
12221
056b7920b686
util.format: Expand explanation of purpose in comments
Kim Alvefur <zash@zash.se>
parents:
12220
diff
changeset
|
2 -- A string.format wrapper that gracefully handles invalid arguments since |
12261
f7946c8e502f
util.format: Fix typo in comment [codespell]
Kim Alvefur <zash@zash.se>
parents:
12221
diff
changeset
|
3 -- certain format string and argument combinations may cause errors or other |
12221
056b7920b686
util.format: Expand explanation of purpose in comments
Kim Alvefur <zash@zash.se>
parents:
12220
diff
changeset
|
4 -- issues like log spoofing |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 -- |
12221
056b7920b686
util.format: Expand explanation of purpose in comments
Kim Alvefur <zash@zash.se>
parents:
12220
diff
changeset
|
6 -- Provides some protection from e.g. CAPEC-135, CWE-117, CWE-134, CWE-93 |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 local tostring = tostring; |
12589
39ae08180c81
compat: Remove handling of Lua 5.1 location of 'unpack' function
Kim Alvefur <zash@zash.se>
parents:
12573
diff
changeset
|
9 local unpack = table.unpack; |
12590
5eaf77114fdb
compat: Use table.pack (there since Lua 5.2) over our util.table
Kim Alvefur <zash@zash.se>
parents:
12589
diff
changeset
|
10 local pack = table.pack; |
12031
87bc26f23d9b
util.format: Escape invalid UTF-8 by passing trough serialization
Kim Alvefur <zash@zash.se>
parents:
11648
diff
changeset
|
11 local valid_utf8 = require "util.encodings".utf8.valid; |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
12 local type = type; |
9693
6ed0d6224d64
util.format: Serialize values for the %q format
Kim Alvefur <zash@zash.se>
parents:
9687
diff
changeset
|
13 local dump = require "util.serialization".new("debug"); |
12781
22066b02887f
util.startup: Provide a common Lua 5.3+ math.type() for Lua 5.2
Kim Alvefur <zash@zash.se>
parents:
12590
diff
changeset
|
14 local num_type = math.type; |
10034
4fca92d60040
util.format: Handle formats expecting an integer in Lua 5.3+ (fixes #1371)
Kim Alvefur <zash@zash.se>
parents:
9693
diff
changeset
|
15 |
10035
386f085820e6
util.format: Handle integer formats the same way on Lua versions without integer support
Kim Alvefur <zash@zash.se>
parents:
10034
diff
changeset
|
16 -- In Lua 5.3+ these formats throw an error if given a float |
386f085820e6
util.format: Handle integer formats the same way on Lua versions without integer support
Kim Alvefur <zash@zash.se>
parents:
10034
diff
changeset
|
17 local expects_integer = { c = true, d = true, i = true, o = true, u = true, X = true, x = true, }; |
12036
2ce06f788093
util.format: Fix some formats expecting positive numbers in Lua 5.2
Kim Alvefur <zash@zash.se>
parents:
12035
diff
changeset
|
18 -- In Lua 5.2 these throw an error given a negative number |
2ce06f788093
util.format: Fix some formats expecting positive numbers in Lua 5.2
Kim Alvefur <zash@zash.se>
parents:
12035
diff
changeset
|
19 local expects_positive = { o = true; u = true; x = true; X = true }; |
11638
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
20 -- Printable Unicode replacements for control characters |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
21 local control_symbols = { |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
22 -- 0x00 .. 0x1F --> U+2400 .. U+241F, 0x7F --> U+2421 |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
23 ["\000"] = "\226\144\128", ["\001"] = "\226\144\129", ["\002"] = "\226\144\130", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
24 ["\003"] = "\226\144\131", ["\004"] = "\226\144\132", ["\005"] = "\226\144\133", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
25 ["\006"] = "\226\144\134", ["\007"] = "\226\144\135", ["\008"] = "\226\144\136", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
26 ["\009"] = "\226\144\137", ["\010"] = "\226\144\138", ["\011"] = "\226\144\139", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
27 ["\012"] = "\226\144\140", ["\013"] = "\226\144\141", ["\014"] = "\226\144\142", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
28 ["\015"] = "\226\144\143", ["\016"] = "\226\144\144", ["\017"] = "\226\144\145", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
29 ["\018"] = "\226\144\146", ["\019"] = "\226\144\147", ["\020"] = "\226\144\148", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
30 ["\021"] = "\226\144\149", ["\022"] = "\226\144\150", ["\023"] = "\226\144\151", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
31 ["\024"] = "\226\144\152", ["\025"] = "\226\144\153", ["\026"] = "\226\144\154", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
32 ["\027"] = "\226\144\155", ["\028"] = "\226\144\156", ["\029"] = "\226\144\157", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
33 ["\030"] = "\226\144\158", ["\031"] = "\226\144\159", ["\127"] = "\226\144\161", |
5f4a657136bc
util.format: Escape ASCII control characters in output
Kim Alvefur <zash@zash.se>
parents:
10035
diff
changeset
|
34 }; |
12035
dc7ab05005e8
util.format: Fix Lua 5.1 quirks thanks to ALL THE TESTS
Kim Alvefur <zash@zash.se>
parents:
12033
diff
changeset
|
35 local supports_p = pcall(string.format, "%p", ""); -- >= Lua 5.4 |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 |
8382
e5d00bf4a4d5
util: Various minor changes to please [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8225
diff
changeset
|
37 local function format(formatstring, ...) |
9687
8c92ef4270c9
util.format: Use pack from util.table
Kim Alvefur <zash@zash.se>
parents:
9656
diff
changeset
|
38 local args = pack(...); |
8c92ef4270c9
util.format: Use pack from util.table
Kim Alvefur <zash@zash.se>
parents:
9656
diff
changeset
|
39 local args_length = args.n; |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 -- format specifier spec: |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 -- 1. Start: '%%' |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 -- 2. Flags: '[%-%+ #0]' |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 -- 3. Width: '%d?%d?' |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
45 -- 4. Precision: '%.?%d?%d?' |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 -- 5. Option: '[cdiouxXaAeEfgGqs%%]' |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
47 -- |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
48 -- The options c, d, E, e, f, g, G, i, o, u, X, and x all expect a number as argument, whereas q and s expect a string. |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 -- This function does not accept string values containing embedded zeros, except as arguments to the q option. |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 -- a and A are only in Lua 5.2+ |
12033
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
51 -- Lua 5.4 adds a p format that produces a pointer |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
54 -- process each format specifier |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
55 local i = 0; |
12033
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
56 formatstring = formatstring:gsub("%%[^cdiouxXaAeEfgGpqs%%]*[cdiouxXaAeEfgGpqs%%]", function(spec) |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
57 if spec == "%%" then return end |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
58 i = i + 1; |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
59 local arg = args[i]; |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
60 |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
61 if arg == nil then |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
62 args[i] = "nil"; |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
63 return "(%s)"; |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
64 end |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
65 |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
66 local option = spec:sub(-1); |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
67 local t = type(arg); |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
68 |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
69 if option == "s" and t == "string" and not arg:find("[%z\1-\31\128-\255]") then |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
70 -- No UTF-8 or control characters, assumed to be the common case. |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
71 return |
12040
337b489532b7
util.format: Optimize most common integer format
Kim Alvefur <zash@zash.se>
parents:
12039
diff
changeset
|
72 elseif t == "number" then |
337b489532b7
util.format: Optimize most common integer format
Kim Alvefur <zash@zash.se>
parents:
12039
diff
changeset
|
73 if option == "g" or (option == "d" and num_type(arg) == "integer") then return end |
12035
dc7ab05005e8
util.format: Fix Lua 5.1 quirks thanks to ALL THE TESTS
Kim Alvefur <zash@zash.se>
parents:
12033
diff
changeset
|
74 elseif option == "s" and t ~= "string" then |
12039
e0a8c5b1ab4f
util.format: Ensure metatable __tostring results are also sanitized
Kim Alvefur <zash@zash.se>
parents:
12036
diff
changeset
|
75 arg = tostring(arg); |
e0a8c5b1ab4f
util.format: Ensure metatable __tostring results are also sanitized
Kim Alvefur <zash@zash.se>
parents:
12036
diff
changeset
|
76 t = "string"; |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
77 end |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
78 |
12033
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
79 if option ~= "s" and option ~= "q" and option ~= "p" then |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
80 -- all other options expect numbers |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
81 if t ~= "number" then |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
82 -- arg isn't number as expected? |
12031
87bc26f23d9b
util.format: Escape invalid UTF-8 by passing trough serialization
Kim Alvefur <zash@zash.se>
parents:
11648
diff
changeset
|
83 arg = tostring(arg); |
87bc26f23d9b
util.format: Escape invalid UTF-8 by passing trough serialization
Kim Alvefur <zash@zash.se>
parents:
11648
diff
changeset
|
84 option = "s"; |
87bc26f23d9b
util.format: Escape invalid UTF-8 by passing trough serialization
Kim Alvefur <zash@zash.se>
parents:
11648
diff
changeset
|
85 spec = "[%s]"; |
87bc26f23d9b
util.format: Escape invalid UTF-8 by passing trough serialization
Kim Alvefur <zash@zash.se>
parents:
11648
diff
changeset
|
86 t = "string"; |
10034
4fca92d60040
util.format: Handle formats expecting an integer in Lua 5.3+ (fixes #1371)
Kim Alvefur <zash@zash.se>
parents:
9693
diff
changeset
|
87 elseif expects_integer[option] and num_type(arg) ~= "integer" then |
4fca92d60040
util.format: Handle formats expecting an integer in Lua 5.3+ (fixes #1371)
Kim Alvefur <zash@zash.se>
parents:
9693
diff
changeset
|
88 args[i] = tostring(arg); |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
89 return "[%s]"; |
12036
2ce06f788093
util.format: Fix some formats expecting positive numbers in Lua 5.2
Kim Alvefur <zash@zash.se>
parents:
12035
diff
changeset
|
90 elseif expects_positive[option] and arg < 0 then |
2ce06f788093
util.format: Fix some formats expecting positive numbers in Lua 5.2
Kim Alvefur <zash@zash.se>
parents:
12035
diff
changeset
|
91 args[i] = tostring(arg); |
2ce06f788093
util.format: Fix some formats expecting positive numbers in Lua 5.2
Kim Alvefur <zash@zash.se>
parents:
12035
diff
changeset
|
92 return "[%s]"; |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
93 else |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
94 return -- acceptable number |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
95 end |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
96 end |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
97 |
12033
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
98 |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
99 if option == "p" and not supports_p then |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
100 arg = tostring(arg); |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
101 option = "s"; |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
102 spec = "[%s]"; |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
103 t = "string"; |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
104 end |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
105 |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
106 if t == "string" and option ~= "p" then |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
107 if not valid_utf8(arg) then |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
108 option = "q"; |
12220
25b853e64d83
util.format: Skip control code escaping when doing full serialization
Kim Alvefur <zash@zash.se>
parents:
12040
diff
changeset
|
109 elseif option ~= "q" then -- gets fully escaped in the next block |
12221
056b7920b686
util.format: Expand explanation of purpose in comments
Kim Alvefur <zash@zash.se>
parents:
12220
diff
changeset
|
110 -- Prevent funny things with ASCII control characters and ANSI escape codes (CWE-117) |
056b7920b686
util.format: Expand explanation of purpose in comments
Kim Alvefur <zash@zash.se>
parents:
12220
diff
changeset
|
111 -- Also ensure embedded newlines can't look like another log line (CWE-93) |
12032
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
112 args[i] = arg:gsub("[%z\1-\8\11-\31\127]", control_symbols):gsub("\n\t?", "\n\t"); |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
113 return spec; |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
114 end |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
115 end |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
116 |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
117 if option == "q" then |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
118 args[i] = dump(arg); |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
119 return "%s"; |
3db09eb4c43b
util.format: Ensure sanitation of strings passed to wrong format
Kim Alvefur <zash@zash.se>
parents:
12031
diff
changeset
|
120 end |
12033
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
121 |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
122 if option == "p" and (t == "boolean" or t == "number") then |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
123 args[i] = tostring(arg); |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
124 return "[%s]"; |
161f8268c4b3
util.format: Also handle the %p format added in Lua 5.4
Kim Alvefur <zash@zash.se>
parents:
12032
diff
changeset
|
125 end |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
126 end); |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
127 |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
128 -- process extra args |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
129 while i < args_length do |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
130 i = i + 1; |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
131 local arg = args[i]; |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
132 if arg == nil then |
11644
fc1b8fe94d04
util.format: Change formatting of nil values to avoid looking like XML
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
133 args[i] = "(nil)"; |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
134 else |
11648
96d3cbeb9275
util.format: Escape ASCII control characters also in extra arguments
Kim Alvefur <zash@zash.se>
parents:
11647
diff
changeset
|
135 args[i] = tostring(arg):gsub("[%z\1-\8\11-\31\127]", control_symbols):gsub("\n\t?", "\n\t"); |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
136 end |
8382
e5d00bf4a4d5
util: Various minor changes to please [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8225
diff
changeset
|
137 formatstring = formatstring .. " [%s]" |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
138 end |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
139 |
8382
e5d00bf4a4d5
util: Various minor changes to please [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8225
diff
changeset
|
140 return formatstring:format(unpack(args)); |
8225
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
141 end |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
142 |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
143 return { |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
144 format = format; |
70cb72f46a3b
util.format: A string.format wrapper that gracefully handles invalid arguments
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
145 }; |