Thanks for spotting that, I commited your patch in Rev 2418.
But imho this function should be replaced, anyway. Don't know _how many_ crazy
escaping function OpenVAS Client defines ... :)
On Friday 06 February 2009 12:22:23 Bernhard Herzog wrote:
> On 06.02.2009, Felix Wolfsteller wrote:
> > At least in the 2.0 series characters like ",<,' etc should be
> > properly 'escaped' ( openvas-client/nessus/xml_output.c: escape_string).
>
> AFAICT that function underestimates the worst case scenario when allocating
> the result string:
>
> ret = emalloc (5*strlen(temp)+1);
>
> It should multiply by 6 since " and ' are both converted to 6-character
> sequences (""" resp. "'").
>
> Bernhard
--
Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/
PGP Key: 39DE0100
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
