[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[sup-devel] [PATCH] asciify untrusted strings before displaying in TextMode

---
 lib/sup/modes/file-browser-mode.rb |    2 +-
 lib/sup/modes/text-mode.rb         |    2 +-
 lib/sup/modes/thread-view-mode.rb  |    4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/sup/modes/file-browser-mode.rb b/lib/sup/modes/file-browser-mode.rb
index b92468d..72e12db 100644
--- a/lib/sup/modes/file-browser-mode.rb
+++ b/lib/sup/modes/file-browser-mode.rb
@@ -47,7 +47,7 @@ protected
     return unless f && f.file?
 
     begin
-      BufferManager.spawn f.to_s, TextMode.new(f.read)
+      BufferManager.spawn f.to_s, TextMode.new(f.read.ascii)
     rescue SystemCallError => e
       BufferManager.flash e.message
     end
diff --git a/lib/sup/modes/text-mode.rb b/lib/sup/modes/text-mode.rb
index 7c9e7d8..e772ff5 100644
--- a/lib/sup/modes/text-mode.rb
+++ b/lib/sup/modes/text-mode.rb
@@ -29,7 +29,7 @@ class TextMode < ScrollMode
     end
 
     if output
-      BufferManager.spawn "Output of '#{command}'", TextMode.new(output)
+      BufferManager.spawn "Output of '#{command}'", TextMode.new(output.ascii)
     else
       BufferManager.flash "'#{command}' done!"
     end
diff --git a/lib/sup/modes/thread-view-mode.rb b/lib/sup/modes/thread-view-mode.rb
index b08c819..0e935a4 100644
--- a/lib/sup/modes/thread-view-mode.rb
+++ b/lib/sup/modes/thread-view-mode.rb
@@ -613,7 +613,7 @@ EOS
     end
 
     if output
-      BufferManager.spawn "Output of '#{command}'", TextMode.new(output)
+      BufferManager.spawn "Output of '#{command}'", TextMode.new(output.ascii)
     else
       BufferManager.flash "'#{command}' done!"
     end
@@ -815,7 +815,7 @@ private
     BufferManager.erase_flash
     BufferManager.completely_redraw_screen
     unless success
-      BufferManager.spawn "Attachment: #{chunk.filename}", TextMode.new(chunk.to_s, chunk.filename)
+      BufferManager.spawn "Attachment: #{chunk.filename}", TextMode.new(chunk.to_s.ascii, chunk.filename)
       BufferManager.flash "Couldn't execute view command, viewing as text."
     end
   end
-- 
1.5.6.5

_______________________________________________
Sup-devel mailing list
Sup-devel@rubyforge.org
http://rubyforge.org/mailman/listinfo/sup-devel