sixam/minetest
Template
2
0
Fork 0
mirror of https://github.com/luanti-org/minetest_game.git synced 2025-07-07 23:20:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Validate & sanitize formspec fields (#3022)

Browse source
This commit is contained in:
Lars Müller 2023-04-08 18:13:45 +02:00 committed by GitHub
parent 4c6e19968a
commit 833ed77620
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
mods/default/nodes.lua
View file

@ -2597,12 +2597,12 @@ local function register_sign(material, desc, def)
if not text then
return
end
if string.len(text) > 512 then
if #text > 512 then
minetest.chat_send_player(player_name, S("Text too long"))
return
end
default.log_player_action(sender, "wrote \"" .. text ..
"\" to the sign at", pos)
text = text:gsub("[%z-\8\11-\31\127]", "") -- strip naughty control characters (keeps \t and \n)
default.log_player_action(sender, ("wrote %q to the sign at"):format(text), pos)
local meta = minetest.get_meta(pos)
meta:set_string("text", text)