Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13959 from ptabor/20220419-log-injection

Browse Source 
Fix code scanning alert: This log write receives unsanitized user input
This commit is contained in:
Piotr Tabor 2022-04-19 16:26:25 +02:00 committed by GitHub
commit 52662ccd06
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
contrib/lock/storage/storage.go
View File

@ -90,12 +90,22 @@ func handler(w http.ResponseWriter, r *http.Request) {
writeResponse(response{req.Val, req.Version, ""}, w)
}
} else {
fmt.Printf("unknown op: %s\n", req.Op)
fmt.Printf("unknown op: %s\n", escape(req.Op))
return
}
}
func escape(s string) string {
escaped := strings.Replace(s, "\n", " ", -1)
escaped = strings.Replace(escaped, "\r", " ", -1)
return escaped
}
func main() {
http.HandleFunc("/", handler)
http.ListenAndServe(":8080", nil)
err := http.ListenAndServe(":8080", nil)
if err != nil {
fmt.Printf("failed to listen and serve: %s\n", err)
os.Exit(1)
}
}