libstrophe doesn't filter forbidden sequences

strophe / libstrophe

A simple, lightweight C library for writing XMPP clients

http://strophe.im/libstrophe

Other

401 stars 163 forks source link

libstrophe doesn't filter forbidden sequences #170

Open pasis opened 3 years ago

pasis commented 3 years ago

More context:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974205
https://github.com/profanity-im/profanity/issues/1437

gbx-bfriedman commented 3 years ago

We ran into this ourselves a few months ago while testing libstrophe with BLNS. It failed on the C0 control character range. It's a bit difficult to fix this on the application side since the surface area is anything touching libstrophe.

jubalh commented 3 years ago

This blns?

gbx-bfriedman commented 3 years ago

No, my apologies, I should have specified. This BLNS.