Merge pull request #346 from google/fixes

Metadata validation and other security improvements
author: Eric Biggers <ebiggers@google.com> 2022-02-23 12:44:31 -0800
committer: GitHub <noreply@github.com> 2022-02-23 12:44:31 -0800
commit: 91aa3ebf42032ca783c41f9ec25d885875f66ddb (patch)
tree: 9b4ccbb0ab0a8742e1def7a02dbe076990cdb237 /filesystem/mountpoint.go
parent: 1ab74f59b52ec244fee003effa8415c6c4038a54 (diff)
parent: 97700817e737eabf45033cdb4a42fa5c6e74f877 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/filesystem/mountpoint.go b/filesystem/mountpoint.go
index 182cafa..0b0693b 100644
--- a/filesystem/mountpoint.go
+++ b/filesystem/mountpoint.go
@@ -77,6 +77,21 @@ func unescapeString(str string) string {
 	return sb.String()
 }
 
+// EscapeString is the reverse of unescapeString.  Use this to avoid injecting
+// spaces or newlines into output that uses these characters as separators.
+func EscapeString(str string) string {
+	var sb strings.Builder
+	for _, b := range []byte(str) {
+		switch b {
+		case ' ', '\t', '\n', '\\':
+			sb.WriteString(fmt.Sprintf("\\%03o", b))
+		default:
+			sb.WriteByte(b)
+		}
+	}
+	return sb.String()
+}
+
 // We get the device name via the device number rather than use the mount source
 // field directly.  This is necessary to handle a rootfs that was mounted via
 // the kernel command line, since mountinfo always shows /dev/root for that.
author	Eric Biggers <ebiggers@google.com>	2022-02-23 12:44:31 -0800
committer	GitHub <noreply@github.com>	2022-02-23 12:44:31 -0800
commit	91aa3ebf42032ca783c41f9ec25d885875f66ddb (patch)
tree	9b4ccbb0ab0a8742e1def7a02dbe076990cdb237 /filesystem/mountpoint.go
parent	1ab74f59b52ec244fee003effa8415c6c4038a54 (diff)
parent	97700817e737eabf45033cdb4a42fa5c6e74f877 (diff)