Mercurial > gnulib

changeset 37187:7baf7a9d759f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
pmccabe2html: escaping of special characters The C code characters '<', '>', and '&' were improperly escaped in HTML output, and their multiplicity was ignored.
author Mats Erik Andersson <gnu@gisladisker.se>
date Wed, 25 Sep 2013 22:27:03 +0200
parents ab8ac32fa330
children ae8079a89eec
files ChangeLog build-aux/pmccabe2html
diffstat 2 files changed, 14 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Tue Sep 24 06:33:40 2013 -0600
+++ b/ChangeLog	Wed Sep 25 22:27:03 2013 +0200
@@ -1,3 +1,14 @@
+2013-09-25  Mats Erik Andersson  <gnu@gisladisker.se>
+
+	pmccabe2html: escaping of special characters
+	Escape all '<', '>', and '&' in HTML output.
+	* build-aux/pmccabe2html (html_fnc): Call gsub()
+	instead of sub() to capture all '<', '>', and '&'.
+	Neither of '<' and '>' is special in a regexp,
+	so first arguments to gsub() are corrected. Also,
+	in replacement strings, ampersand must be escaped.
+	Finally, '&' must be handled first, then '<' and '>'.
+
 2013-09-24  Eric Blake  <eblake@redhat.com>
 
 	manywarnings: enable nicer gcc warning messages
--- a/build-aux/pmccabe2html	Tue Sep 24 06:33:40 2013 -0600
+++ b/build-aux/pmccabe2html	Wed Sep 25 22:27:03 2013 +0200
@@ -422,9 +422,9 @@
 
             while ((getline codeline < (fname nfun "_fn.txt")) > 0)
             {
-                sub(/\\</, "&lt;", codeline)
-                sub(/\\>/, "&gt;", codeline)
-                sub(/&/, "&amp;", codeline)
+                gsub(/&/, "\&amp;", codeline)	# Must come first.
+                gsub(/</, "\&lt;", codeline)
+                gsub(/>/, "\&gt;", codeline)
 
                 print codeline
             }