Add more strict USB string filtering.

Approved by: thompsa (mentor)
author: hselasky <hselasky@FreeBSD.org> 2010-10-04 22:45:17 +0000
committer: hselasky <hselasky@FreeBSD.org> 2010-10-04 22:45:17 +0000
commit: c729b3a4ca41f5f2267030da786e53f4864f418b (patch)
tree: d7ad5afb7d870e62e3b00a95fb5b275cc3f5301e
parent: 97650b7539017733bdc3cd4318ccd7ab926a730b (diff)
download: FreeBSD-src-c729b3a4ca41f5f2267030da786e53f4864f418b.zip
FreeBSD-src-c729b3a4ca41f5f2267030da786e53f4864f418b.tar.gz
1 files changed, 13 insertions, 6 deletions
diff --git a/sys/dev/usb/usb_request.c b/sys/dev/usb/usb_request.c
index a3c685d..9f16725 100644
--- a/sys/dev/usb/usb_request.c
+++ b/sys/dev/usb/usb_request.c
@@ -1018,14 +1018,21 @@ usbd_req_get_string_any(struct usb_device *udev, struct mtx *mtx, char *buf,
 		}
 
 		/*
-		 * Filter by default - we don't allow greater and less than
-		 * signs because they might confuse the dmesg printouts!
+		 * Filter by default - We only allow alphanumerical
+		 * and a few more to avoid any problems with scripts
+		 * and daemons.
 		 */
-		if ((*s == '<') || (*s == '>') || (!isprint(*s))) {
-			/* silently skip bad character */
-			continue;
+		if (isalpha(*s) ||
+		    isdigit(*s) ||
+		    *s == '-' ||
+		    *s == '+' ||
+		    *s == ' ' ||
+		    *s == '.' ||
+		    *s == ',') {
+			/* allowed */
+			s++;
 		}
-		s++;
+		/* silently skip bad character */
 	}
 	*s = 0;				/* zero terminate resulting string */
 	return (USB_ERR_NORMAL_COMPLETION);
author	hselasky <hselasky@FreeBSD.org>	2010-10-04 22:45:17 +0000
committer	hselasky <hselasky@FreeBSD.org>	2010-10-04 22:45:17 +0000
commit	c729b3a4ca41f5f2267030da786e53f4864f418b (patch)
tree	d7ad5afb7d870e62e3b00a95fb5b275cc3f5301e
parent	97650b7539017733bdc3cd4318ccd7ab926a730b (diff)
download	FreeBSD-src-c729b3a4ca41f5f2267030da786e53f4864f418b.zip FreeBSD-src-c729b3a4ca41f5f2267030da786e53f4864f418b.tar.gz