diff options
| author | Gavin Andresen <[email protected]> | 2013-11-02 05:27:42 +1000 |
|---|---|---|
| committer | Gavin Andresen <[email protected]> | 2013-11-11 10:22:45 +1000 |
| commit | 17faf562629cd27f00fc138e218ebcc1ce071765 (patch) | |
| tree | 16f48e9238955358df4d5e67bcdc7ad746f9db98 /src/util.cpp | |
| parent | Improve logging of failed connections (diff) | |
| download | discoin-17faf562629cd27f00fc138e218ebcc1ce071765.tar.xz discoin-17faf562629cd27f00fc138e218ebcc1ce071765.zip | |
Refactor: pull alert string sanitization into util
Diffstat (limited to 'src/util.cpp')
| -rw-r--r-- | src/util.cpp | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/util.cpp b/src/util.cpp index 9562cf310..5411bb2fe 100644 --- a/src/util.cpp +++ b/src/util.cpp @@ -475,6 +475,19 @@ bool ParseMoney(const char* pszIn, int64_t& nRet) return true; } +// safeChars chosen to allow simple messages/URLs/email addresses, but avoid anything +// even possibly remotely dangerous like & or > +static string safeChars("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890 .,;_/:?@"); +string SanitizeString(const string& str) +{ + string strResult; + for (std::string::size_type i = 0; i < str.size(); i++) + { + if (safeChars.find(str[i]) != std::string::npos) + strResult.push_back(str[i]); + } + return strResult; +} const signed char p_util_hexdigit[256] = { -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, |