mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-12 19:55:14 +02:00
13 lines
471 B
C
13 lines
471 B
C
/* Safe: project-local sanitize_xpath (matches the developer-named
|
|
* `sanitize_*` Sanitizer rule) clears caps on the user value before it
|
|
* reaches xmlXPathEvalExpression. */
|
|
#include <libxml/xpath.h>
|
|
#include <stdlib.h>
|
|
|
|
extern char *sanitize_xpath(const char *raw);
|
|
|
|
xmlXPathObjectPtr do_lookup(xmlXPathContextPtr ctx) {
|
|
char *user_expr = getenv("USER_EXPR");
|
|
char *safe = sanitize_xpath(user_expr);
|
|
return xmlXPathEvalExpression((xmlChar *)safe, ctx);
|
|
}
|