1
0
Fork 0
mirror of https://we.phorge.it/source/arcanist.git synced 2025-01-01 10:20:58 +01:00

In "phutil_loggable_string()", encode every byte above 0x7F

Summary:
Ref T13507. Currently, this function is a bit conservative about what it encodes, and passing it a string of binary garbage may result in an output which is not valid UTF8.

This could be refined somewhat, since it's less than ideal if the input has valid UTF8. The ideal behavior for byte sequences where all bytes are larger than 0x7F is probably a variation of "phutil_utf8ize()" that replaces bytes with "<0xXX>" instead of the Unicode error glyph.

For now, just err on the side of mangling.

Test Plan: Dumped various binary payloads in the new gzip setup check, saw sensible output in the web UI.

Maniphest Tasks: T13507

Differential Revision: https://secure.phabricator.com/D21117
This commit is contained in:
epriestley 2020-04-14 14:48:56 -07:00
parent 9d0100bda7
commit 890b57de1e

View file

@ -1016,7 +1016,7 @@ function phutil_loggable_string($string) {
$result .= $c_map[$c];
} else {
$o = ord($c);
if ($o < 0x20 || $o == 0x7F) {
if ($o < 0x20 || $o >= 0x7F) {
$result .= '\\x'.sprintf('%02X', $o);
} else {
$result .= $c;