prosody
e0a8c5b1ab4f
util/format.lua
Software / code / prosody
Comparison
util/format.lua @ 12039:e0a8c5b1ab4f
util.format: Ensure metatable __tostring results are also sanitized
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 13 Dec 2021 16:34:55 +0100 |
| parent | 12036:2ce06f788093 |
| child | 12040:337b489532b7 |
comparison
equal
deleted
inserted
replaced
| 12038:4e54334febc1 | 12039:e0a8c5b1ab4f |
|---|---|
| 68 | 68 |
| 69 if option == "s" and t == "string" and not arg:find("[%z\1-\31\128-\255]") then | 69 if option == "s" and t == "string" and not arg:find("[%z\1-\31\128-\255]") then |
| 70 -- No UTF-8 or control characters, assumed to be the common case. | 70 -- No UTF-8 or control characters, assumed to be the common case. |
| 71 return | 71 return |
| 72 elseif option == "s" and t ~= "string" then | 72 elseif option == "s" and t ~= "string" then |
| 73 args[i] = tostring(arg); | 73 arg = tostring(arg); |
| 74 t = "string"; | |
| 74 end | 75 end |
| 75 | 76 |
| 76 if option ~= "s" and option ~= "q" and option ~= "p" then | 77 if option ~= "s" and option ~= "q" and option ~= "p" then |
| 77 -- all other options expect numbers | 78 -- all other options expect numbers |
| 78 if t ~= "number" then | 79 if t ~= "number" then |
