Properly escape strings before writing XML.
Nico Golde nion@debian.org
1 files changed,
11 insertions(+),
4 deletions(-)
jump to
M
openbox/session.c
→
openbox/session.c
@@ -486,10 +486,14 @@ fprintf(f, "</desktoplayout>\n");
if (screen_desktop_names) { gint i; + gchar *t; fprintf(f, "<desktopnames>\n"); - for (i = 0; screen_desktop_names[i]; ++i) - fprintf(f, " <name>%s</name>\n", screen_desktop_names[i]); + for (i = 0; screen_desktop_names[i]; ++i){ + t = g_markup_escape_text(screen_desktop_names[i], -1); + fprintf(f, " <name>%s</name>\n", t); + g_free(t); + } fprintf(f, "</desktopnames>\n"); }@@ -544,8 +548,11 @@ }
if (c->sm_client_id) fprintf(f, "<window id=\"%s\">\n", c->sm_client_id); - else - fprintf(f, "<window command=\"%s\">\n", c->wm_command); + else { + t = g_markup_escape_text(c->wm_command, -1); + fprintf(f, "<window command=\"%s\">\n", t); + g_free(t); + } t = g_markup_escape_text(c->name, -1); fprintf(f, "\t<name>%s</name>\n", t);