Closed DL6ER closed 6 months ago
This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there:
079c66c adds control character escaping to the output. To reduce code-duplication, we simply reuse the already existing JSON string encoder acknowledging that the log file is UTF-8 so we only really need to escape control characters:
Another example containing a control character:
WARNING: Host name of client "127.0.0.1" => "xyz\nabc" contains (at least) one invalid character (hex 0a) at position 3
if a client advertises host name containing a newline as in this new example:
The "one-character sequences" will be escaped in the following, well-known, way:
\"
\b
\f
\n
\r
\t
, and also\\
because this is needed to make the above usefulall others will be escaped following the JSON syntax as, e.g. \u001B
for "escape" also known but not standardized as "\^["
.
What does this implement/fix?
Make the Pi-hole diagnosis message a bit clearer.
Before:
Now:
Knowing the hex code may be useful in trying to debug this: https://www.rapidtables.com/code/text/ascii-table.html
This may not be the very best example but think of the invalid character being something unprintable like
<EOF>
.We also add some safety measure so malicious modifications to the Pi-hole diagnosis entries in the database cannot trigger a buffer overflow.
Related issue or feature (if applicable): See discourse thread linked below.
Pull request in docs with documentation (if applicable): N/A
By submitting this pull request, I confirm the following:
git rebase
)Checklist:
developmental
branch.