update_engine: Check XmlEncode() input strings.
XmlEncode() only supports valid UTF-8 string. Incomplete UTF-8 strings
would make it crash.
This patch limits the input string to ASCII-7 and falls back to a
default string value whenever an invalid one is found. Some of these
values come from the stateful partition, which would make the
update_engine fail forever.
BUG=chromium:471925
TEST=Added unittests.
Change-Id: I01c5da1b44462a0fe1eb703106a9d0dd3051100b
Reviewed-on: https://chromium-review.googlesource.com/263154
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
Tested-by: Alex Deymo <deymo@chromium.org>
diff --git a/omaha_request_action.h b/omaha_request_action.h
index 0cb2244..b56af1e 100644
--- a/omaha_request_action.h
+++ b/omaha_request_action.h
@@ -25,9 +25,15 @@
namespace chromeos_update_engine {
-// Encodes XML entities in a given string with libxml2. input must be
-// UTF-8 formatted. Output will be UTF-8 formatted.
-std::string XmlEncode(const std::string& input);
+// Encodes XML entities in a given string. Input must be ASCII-7 valid. If
+// the input is invalid, the default value is used instead.
+std::string XmlEncodeWithDefault(const std::string& input,
+ const std::string& default_value);
+
+// Escapes text so it can be included as character data and attribute
+// values. The |input| string must be valid ASCII-7, no UTF-8 supported.
+// Returns whether the |input| was valid and escaped properly in |output|.
+bool XmlEncode(const std::string& input, std::string* output);
// This struct encapsulates the Omaha event information. For a
// complete list of defined event types and results, see