From ed9a470b2dbe08cfe51079bdb3e7fbd720f857c8 Mon Sep 17 00:00:00 2001
From: Adam Dickmeiss <adam@indexdata.dk>
Date: Fri, 1 Oct 2004 11:44:46 +0000
Subject: [PATCH] Prevent XML CDATA with ASCII control chars (except
 TAB,CR,LF)

---
 src/wrbuf.c |    9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/wrbuf.c b/src/wrbuf.c
index 0b92aea..345a33e 100644
--- a/src/wrbuf.c
+++ b/src/wrbuf.c
@@ -2,7 +2,7 @@
  * Copyright (c) 1995-2004, Index Data.
  * See the file LICENSE for details.
  *
- * $Id: wrbuf.c,v 1.4 2004-03-20 07:02:23 adam Exp $
+ * $Id: wrbuf.c,v 1.5 2004-10-01 11:44:46 adam Exp $
  */
 
 /*
@@ -89,6 +89,13 @@ int wrbuf_xmlputs_n(WRBUF b, const char *cp, int size)
 {
     while (--size >= 0)
     {
+	/* only TAB,CR,LF of ASCII CTRL are allowed in XML 1.0! */
+	if (*cp >= 0 && *cp <= 31)
+	    if (*cp != 9 && *cp != 10 && *cp != 13)
+	    {
+		cp++;  /* we silently ignore (delete) these.. */
+		continue;
+	    }
 	switch(*cp)
 	{
 	case '<':
-- 
1.7.10.4