logging: Escape controls in string arguments of log_ functions.

Authored by werner on Thu, Dec 6, 11:13 AM.

Description

logging: Escape controls in string arguments of log_ functions.

* src/logging.c (struct fmt_string_filter_s): New.
(fmt_string_filter): New.
(_gpgrt_logv_internal): Use the filter.

This change has two advantages: a) There is no more need to first
escape string arguments before passing them to a log function and b)
you can't forget to do the escaping and thus attacks using diagnostic
output to trick out users won't work. The drawback is that you see \n
instead of a real LF and under Windows the backslash in file names are
doubled.

  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Committed
wernerThu, Dec 6, 11:19 AM
Parents
rEf4d139b399e1: core: Allow logging to an estream.
Branches
Unknown
Tags
Unknown