Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2026 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
15 : */
16 : /**
17 : * @file xml.c
18 : * @brief Common utility functions for XML handling
19 : * @author Christian Grothoff
20 : */
21 : #include "taler/taler_util.h"
22 :
23 :
24 : /**
25 : * We allow [a-zA-Z0-9-.:] in extra_wire_subject_metadata.
26 : * Test @a c for it.
27 : *
28 : * @param c character to test
29 : * @return true if OK
30 : */
31 : static inline bool
32 0 : is_allowed_metachar (char c)
33 : {
34 0 : return (c >= 'a' && c <= 'z') ||
35 0 : (c >= 'A' && c <= 'Z') ||
36 0 : (c >= '0' && c <= '9') ||
37 0 : c == '-' ||
38 0 : c == '.' ||
39 : c == ':';
40 : }
41 :
42 :
43 : bool
44 98 : TALER_is_valid_subject_metadata_string (const char *src)
45 : {
46 98 : unsigned int len = 0;
47 98 : if (NULL == src)
48 98 : return true;
49 :
50 0 : while (*src)
51 : {
52 0 : if (! is_allowed_metachar (*src++))
53 0 : return false;
54 0 : if (++len > 40)
55 0 : return false;
56 : }
57 0 : return true;
58 : }
59 :
60 :
61 : char *
62 0 : TALER_escape_xml (const char *str)
63 : {
64 0 : struct GNUNET_Buffer out = { 0 };
65 0 : const char *p = str;
66 :
67 0 : while (*p)
68 : {
69 0 : const char *esc = NULL;
70 :
71 0 : switch (*p)
72 : {
73 0 : case '&':
74 0 : esc = "&";
75 0 : break;
76 0 : case '<':
77 0 : esc = "<";
78 0 : break;
79 0 : case '>':
80 0 : esc = ">";
81 0 : break;
82 0 : case '"':
83 0 : esc = """;
84 0 : break;
85 0 : case '\'':
86 0 : esc = "'";
87 0 : break;
88 : }
89 0 : if (NULL != esc)
90 0 : GNUNET_buffer_write_str (&out,
91 : esc);
92 : else
93 0 : GNUNET_buffer_write (&out,
94 : p,
95 : 1);
96 0 : p++;
97 : }
98 0 : return GNUNET_buffer_reap_str (&out);
99 : }
|
