sixam/minetest
Template
2
0
Fork 0
mirror of https://github.com/luanti-org/minetest_game.git synced 2025-07-14 10:21:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Validate & sanitize formspec fields (#3022)

Browse source
This commit is contained in:
Lars Müller 2023-04-08 18:13:45 +02:00 committed by GitHub
parent 4c6e19968a
commit 833ed77620
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

3
mods/default/craftitems.lua
View file

@ -148,7 +148,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
return
end
if fields.close then
if fields.quit then
book_writers[player_name] = nil
end
@ -179,6 +179,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
data.description = S("\"@1\" by @2", short_title, data.owner)
data.text = fields.text:sub(1, max_text_size)
data.text = data.text:gsub("\r\n", "\n"):gsub("\r", "\n")
data.text = data.text:gsub("[%z\1-\8\11-\31\127]", "") -- strip naughty control characters (keeps \t and \n)
data.page = 1
data.page_max = math.ceil((#data.text:gsub("[^\n]", "") + 1) / lpp)