mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
13 lines
476 B
C++
13 lines
476 B
C++
// Safe: project-local sanitize_xpath (matches the developer-named
|
|
// `sanitize_*` Sanitizer rule) clears caps on the user value before it
|
|
// reaches xmlXPathEvalExpression.
|
|
#include <libxml/xpath.h>
|
|
#include <cstdlib>
|
|
|
|
extern "C" char *sanitize_xpath(const char *raw);
|
|
|
|
xmlXPathObjectPtr do_lookup(xmlXPathContextPtr ctx) {
|
|
char *user_expr = std::getenv("USER_EXPR");
|
|
char *safe = sanitize_xpath(user_expr);
|
|
return xmlXPathEvalExpression((xmlChar *)safe, ctx);
|
|
}
|