mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-12 19:55:14 +02:00
new capacity bits (#67)
This commit is contained in:
Eli Peter
GitHub
parent
afaffc0df6
commit
7d0e7320e2
261 changed files with 10591 additions and 231 deletions
13
tests/fixtures/xpath_injection/cpp/safe_xpath_query.cpp
vendored
Normal file
13
tests/fixtures/xpath_injection/cpp/safe_xpath_query.cpp
vendored
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
// Safe: project-local sanitize_xpath (matches the developer-named
|
||||
// `sanitize_*` Sanitizer rule) clears caps on the user value before it
|
||||
// reaches xmlXPathEvalExpression.
|
||||
#include <libxml/xpath.h>
|
||||
#include <cstdlib>
|
||||
|
||||
extern "C" char *sanitize_xpath(const char *raw);
|
||||
|
||||
xmlXPathObjectPtr do_lookup(xmlXPathContextPtr ctx) {
|
||||
char *user_expr = std::getenv("USER_EXPR");
|
||||
char *safe = sanitize_xpath(user_expr);
|
||||
return xmlXPathEvalExpression((xmlChar *)safe, ctx);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue