From 890b57de1e3421e9b605d800d2e9fc01cdf34fed Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Tue, 14 Apr 2020 14:48:56 -0700
Subject: [PATCH] In "phutil_loggable_string()", encode every byte above 0x7F

Summary:
Ref T13507. Currently, this function is a bit conservative about what it encodes, and passing it a string of binary garbage may result in an output which is not valid UTF8.

This could be refined somewhat, since it's less than ideal if the input has valid UTF8. The ideal behavior for byte sequences where all bytes are larger than 0x7F is probably a variation of "phutil_utf8ize()" that replaces bytes with "<0xXX>" instead of the Unicode error glyph.

For now, just err on the side of mangling.

Test Plan: Dumped various binary payloads in the new gzip setup check, saw sensible output in the web UI.

Maniphest Tasks: T13507

Differential Revision: https://secure.phabricator.com/D21117
---
 src/utils/utils.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/utils/utils.php b/src/utils/utils.php
index 9f454017..0bb1b4f8 100644
--- a/src/utils/utils.php
+++ b/src/utils/utils.php
@@ -1016,7 +1016,7 @@ function phutil_loggable_string($string) {
       $result .= $c_map[$c];
     } else {
       $o = ord($c);
-      if ($o < 0x20 || $o == 0x7F) {
+      if ($o < 0x20 || $o >= 0x7F) {
         $result .= '\\x'.sprintf('%02X', $o);
       } else {
         $result .= $c;