[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated: update to mustach 1.2.7
|
From: |
gnunet |
|
Subject: |
[taler-exchange] branch master updated: update to mustach 1.2.7 |
|
Date: |
Sun, 24 Mar 2024 14:27:25 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new c9bdd97a update to mustach 1.2.7
c9bdd97a is described below
commit c9bdd97a294cc273480f8324dbfcba8ce3c485d1
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Mar 23 14:27:23 2024 +0100
update to mustach 1.2.7
---
src/templating/AUTHORS | 1 +
src/templating/CHANGELOG.md | 15 +++++++++++--
src/templating/Makefile.am | 8 +++++--
src/templating/README.md | 9 ++++----
src/templating/mustach-original-Makefile | 2 +-
src/templating/mustach-tool.c | 3 ++-
src/templating/mustach-wrap.c | 28 ++++++++++++++++++++++--
src/templating/mustach-wrap.h | 3 ++-
src/templating/mustach.c | 18 ++++++++++-----
src/templating/mustach.h | 8 ++++++-
src/templating/test-specs/test-specs-cjson.ref | 2 +-
src/templating/test-specs/test-specs-jansson.ref | 2 +-
src/templating/test-specs/test-specs-json-c.ref | 2 +-
13 files changed, 78 insertions(+), 23 deletions(-)
diff --git a/src/templating/AUTHORS b/src/templating/AUTHORS
index b2042848..fbe9e100 100644
--- a/src/templating/AUTHORS
+++ b/src/templating/AUTHORS
@@ -27,6 +27,7 @@ Packagers:
Thanks to issue submitters:
Dante Torres
@fabbe
+ Felix von Leitner
Johann Oskarsson
Mark Bucciarelli
Nigel Hathaway
diff --git a/src/templating/CHANGELOG.md b/src/templating/CHANGELOG.md
index 6024189e..003652eb 100644
--- a/src/templating/CHANGELOG.md
+++ b/src/templating/CHANGELOG.md
@@ -1,10 +1,19 @@
-next
-----
+1.2.7 (2024-03-21)
+------------------
+
+New:
+ - fallback to default when mustach_wrap_get_partial
+ returns MUSTACH_ERROR_PARTIAL_NOT_FOUND
+ - remove at compile time the load of files for templates
+ if MUSTACH_LOAD_TEMPLATE is defined as 0
+ - add compile time flag MUSTACH_SAFE for enforcing
+ safety behaviours
Fix:
- selection of subitem by index (#47)
- get latest iterated key when getting key name (#52)
- allow tests without valgrind
+ - avoid recursive template expansion (#55)
1.2.6 (2024-01-08)
------------------
@@ -20,6 +29,7 @@ Minor:
1.2.5 (2023-02-18)
------------------
+
Fix:
- Don't override CFLAGS in Makefile
- Use of $(INSTALL) in Makefile for setting options
@@ -29,6 +39,7 @@ Minor:
1.2.4 (2023-01-02)
------------------
+
Fix:
- Latent SIGSEGV using cJSON
diff --git a/src/templating/Makefile.am b/src/templating/Makefile.am
index f7432298..c55f2964 100644
--- a/src/templating/Makefile.am
+++ b/src/templating/Makefile.am
@@ -16,7 +16,9 @@ taler_mustach_tool_LDADD = \
libmustach.la \
-ljansson
taler_mustach_tool_CFLAGS = \
- -DTOOL=MUSTACH_TOOL_JANSSON
+ -DTOOL=MUSTACH_TOOL_JANSSON \
+ -DMUSTACH_SAFE=1 \
+ -DMUSTACH_LOAD_TEMPLATE=0
lib_LTLIBRARIES = \
libtalertemplating.la
@@ -40,7 +42,9 @@ libtalertemplating_la_LIBADD = \
libtalertemplating_la_LDFLAGS = \
-version-info 0:0:0 \
-no-undefined
-
+libtalertemplating_la_CFLAGS = \
+ -DMUSTACH_SAFE=1 \
+ -DMUSTACH_LOAD_TEMPLATE=0
libmustach_la_SOURCES = \
mustach.c mustach.h \
diff --git a/src/templating/README.md b/src/templating/README.md
index 324c9a86..6e7a6c95 100644
--- a/src/templating/README.md
+++ b/src/templating/README.md
@@ -5,7 +5,7 @@ template specification.
The main site for `mustach` is on [gitlab](https://gitlab.com/jobol/mustach).
-The simpliest way to use mustach is to copy the files **mustach.h** and
**mustach.c**
+The simplest way to use mustach is to copy the files **mustach.h** and
**mustach.c**
directly into your project and use it.
If you are using one of the JSON libraries listed below, you can get extended
feature
@@ -85,7 +85,7 @@ It then outputs the result of applying the templates files to
the JSON file.
### Portability
Some system does not provide *open_memstream*. In that case, tell your
-prefered compiler to declare the preprocessor symbol **NO_OPEN_MEMSTREAM**.
+preferred compiler to declare the preprocessor symbol **NO_OPEN_MEMSTREAM**.
Example:
CFLAGS=-DNO_OPEN_MEMSTREAM make
@@ -170,7 +170,7 @@ Here is the summary.
Flag name | Description
-------------------------------+------------------------------------------------
- Mustach_With_Colon | Explicit tag substition with colon
+ Mustach_With_Colon | Explicit tag substitution with colon
Mustach_With_EmptyTag | Empty Tag Allowed
-------------------------------+------------------------------------------------
Mustach_With_Equal | Value Testing Equality
@@ -187,7 +187,7 @@ For the details, see below.
### Explicit Tag Substitution With Colon (Mustach_With_Colon)
-In somecases the name of the key used for substition begins with a
+In somecases the name of the key used for substitution begins with a
character reserved for mustach: one of `#`, `^`, `/`, `&`, `{`, `>` and `=`.
This extension introduces the special character `:` to explicitly
@@ -318,4 +318,3 @@ The table below summarize the changes.
fdmustach_json_c | mustach_json_c_fd
mustach_json_c | mustach_json_c_mem
mustach_json_c | mustach_json_c_write
-
diff --git a/src/templating/mustach-original-Makefile
b/src/templating/mustach-original-Makefile
index 6d90f33d..c1ddbe63 100644
--- a/src/templating/mustach-original-Makefile
+++ b/src/templating/mustach-original-Makefile
@@ -1,7 +1,7 @@
# version
MAJOR := 1
MINOR := 2
-REVIS := 6
+REVIS := 7
# installation settings
DESTDIR ?=
diff --git a/src/templating/mustach-tool.c b/src/templating/mustach-tool.c
index e2a5c1f4..5f28c1f5 100644
--- a/src/templating/mustach-tool.c
+++ b/src/templating/mustach-tool.c
@@ -35,7 +35,8 @@ static const char *errors[] = {
"invalid interface",
"item not found",
"partial not found",
- "undefined tag"
+ "undefined tag",
+ "too much template nesting"
};
static const char *errmsg = 0;
diff --git a/src/templating/mustach-wrap.c b/src/templating/mustach-wrap.c
index 869713c8..2cd00db1 100644
--- a/src/templating/mustach-wrap.c
+++ b/src/templating/mustach-wrap.c
@@ -20,6 +20,18 @@
#include "mustach.h"
#include "mustach-wrap.h"
+/*
+* It was stated that allowing to include files
+* through template is not safe when the mustache
+* template is open to any value because it could
+* create leaks (example: {{>/etc/passwd}}).
+*/
+#if MUSTACH_SAFE
+# undef MUSTACH_LOAD_TEMPLATE
+#elif !defined(MUSTACH_LOAD_TEMPLATE)
+# define MUSTACH_LOAD_TEMPLATE 1
+#endif
+
#if !defined(INCLUDE_PARTIAL_EXTENSION)
# define INCLUDE_PARTIAL_EXTENSION ".mustache"
#endif
@@ -325,6 +337,7 @@ static int get_callback(void *closure, const char *name,
struct mustach_sbuf *sb
return MUSTACH_OK;
}
+#if MUSTACH_LOAD_TEMPLATE
static int get_partial_from_file(const char *name, struct mustach_sbuf *sbuf)
{
static char extension[] = INCLUDE_PARTIAL_EXTENSION;
@@ -375,14 +388,22 @@ static int get_partial_from_file(const char *name, struct
mustach_sbuf *sbuf)
fclose(file);
return MUSTACH_ERROR_SYSTEM;
}
+#endif
static int partial_callback(void *closure, const char *name, struct
mustach_sbuf *sbuf)
{
struct wrap *w = closure;
int rc;
- if (mustach_wrap_get_partial != NULL)
+ if (mustach_wrap_get_partial != NULL) {
rc = mustach_wrap_get_partial(name, sbuf);
- else if (w->flags & Mustach_With_PartialDataFirst) {
+ if (rc != MUSTACH_ERROR_PARTIAL_NOT_FOUND) {
+ if (rc != MUSTACH_OK)
+ sbuf->value = "";
+ return rc;
+ }
+ }
+#if MUSTACH_LOAD_TEMPLATE
+ if (w->flags & Mustach_With_PartialDataFirst) {
if (getoptional(w, name, sbuf) > 0)
rc = MUSTACH_OK;
else
@@ -393,6 +414,9 @@ static int partial_callback(void *closure, const char
*name, struct mustach_sbuf
if (rc != MUSTACH_OK && getoptional(w, name, sbuf) > 0)
rc = MUSTACH_OK;
}
+#else
+ rc = getoptional(w, name, sbuf) > 0 ? MUSTACH_OK :
MUSTACH_ERROR_PARTIAL_NOT_FOUND;
+#endif
if (rc != MUSTACH_OK)
sbuf->value = "";
return MUSTACH_OK;
diff --git a/src/templating/mustach-wrap.h b/src/templating/mustach-wrap.h
index 37e6ff6c..fedcb919 100644
--- a/src/templating/mustach-wrap.h
+++ b/src/templating/mustach-wrap.h
@@ -146,7 +146,8 @@ extern const struct mustach_itf mustach_wrap_itf;
* function replaces the default behaviour and is called to provide the partial
* of the given 'name' in 'sbuf'.
* The function must return MUSTACH_OK when it filled 'sbuf' with value of
partial
- * or must return an error code if it failed.
+ * or must return an error code if it failed. But if
MUSTACH_ERROR_PARTIAL_NOT_FOUND
+ * is returned, the default behavior is evaluated.
*/
extern int (*mustach_wrap_get_partial)(const char *name, struct mustach_sbuf
*sbuf);
diff --git a/src/templating/mustach.c b/src/templating/mustach.c
index 9f992c73..1bf482bc 100644
--- a/src/templating/mustach.c
+++ b/src/templating/mustach.c
@@ -33,6 +33,7 @@ struct iwrap {
int (*partial)(void *closure, const char *name, struct mustach_sbuf
*sbuf);
void *closure_partial; /* closure for partial */
int flags;
+ int nesting;
};
struct prefix {
@@ -430,11 +431,17 @@ get_name:
case '>':
/* partials */
if (enabled) {
- sbuf_reset(&sbuf);
- rc = iwrap->partial(iwrap->closure_partial,
name, &sbuf);
- if (rc >= 0) {
- rc = process(sbuf.value,
sbuf_length(&sbuf), iwrap, file, &pref);
- sbuf_release(&sbuf);
+ if (iwrap->nesting >= MUSTACH_MAX_NESTING)
+ rc = MUSTACH_ERROR_TOO_MUCH_NESTING;
+ else {
+ sbuf_reset(&sbuf);
+ rc =
iwrap->partial(iwrap->closure_partial, name, &sbuf);
+ if (rc >= 0) {
+ iwrap->nesting++;
+ rc = process(sbuf.value,
sbuf_length(&sbuf), iwrap, file, &pref);
+ sbuf_release(&sbuf);
+ iwrap->nesting--;
+ }
}
if (rc < 0)
return rc;
@@ -486,6 +493,7 @@ int mustach_file(const char *template, size_t length, const
struct mustach_itf *
iwrap.leave = itf->leave;
iwrap.get = itf->get;
iwrap.flags = flags;
+ iwrap.nesting = 0;
/* process */
rc = itf->start ? itf->start(closure) : 0;
diff --git a/src/templating/mustach.h b/src/templating/mustach.h
index 8c4a43f1..1b44582d 100644
--- a/src/templating/mustach.h
+++ b/src/templating/mustach.h
@@ -19,10 +19,15 @@ struct mustach_sbuf; /* see below */
#define MUSTACH_VERSION_MINOR (MUSTACH_VERSION % 100)
/**
- * Maximum nested imbrications supported
+ * Maximum nested section supported
*/
#define MUSTACH_MAX_DEPTH 256
+/**
+ * Maximum nested template supported
+ */
+#define MUSTACH_MAX_NESTING 64
+
/**
* Maximum length of tags in mustaches {{...}}
*/
@@ -57,6 +62,7 @@ struct mustach_sbuf; /* see below */
#define MUSTACH_ERROR_ITEM_NOT_FOUND -10
#define MUSTACH_ERROR_PARTIAL_NOT_FOUND -11
#define MUSTACH_ERROR_UNDEFINED_TAG -12
+#define MUSTACH_ERROR_TOO_MUCH_NESTING -13
/*
* You can use definition below for user specific error
diff --git a/src/templating/test-specs/test-specs-cjson.ref
b/src/templating/test-specs/test-specs-cjson.ref
index 8897c66c..41e1c8de 100644
--- a/src/templating/test-specs/test-specs-cjson.ref
+++ b/src/templating/test-specs/test-specs-cjson.ref
@@ -52,7 +52,7 @@ processing file test-specs/spec/specs/delimiters.json
[3] Inverted Sections
Delimiters set outside inverted sections should persist.
=> SUCCESS
-[4] Partial Inheritence
+[4] Partial Inheritance
Delimiters set in a parent template should not affect a partial.
=> SUCCESS
[5] Post-Partial Behavior
diff --git a/src/templating/test-specs/test-specs-jansson.ref
b/src/templating/test-specs/test-specs-jansson.ref
index a1cef19c..2e1e9185 100644
--- a/src/templating/test-specs/test-specs-jansson.ref
+++ b/src/templating/test-specs/test-specs-jansson.ref
@@ -52,7 +52,7 @@ processing file test-specs/spec/specs/delimiters.json
[3] Inverted Sections
Delimiters set outside inverted sections should persist.
=> SUCCESS
-[4] Partial Inheritence
+[4] Partial Inheritance
Delimiters set in a parent template should not affect a partial.
=> SUCCESS
[5] Post-Partial Behavior
diff --git a/src/templating/test-specs/test-specs-json-c.ref
b/src/templating/test-specs/test-specs-json-c.ref
index 8897c66c..41e1c8de 100644
--- a/src/templating/test-specs/test-specs-json-c.ref
+++ b/src/templating/test-specs/test-specs-json-c.ref
@@ -52,7 +52,7 @@ processing file test-specs/spec/specs/delimiters.json
[3] Inverted Sections
Delimiters set outside inverted sections should persist.
=> SUCCESS
-[4] Partial Inheritence
+[4] Partial Inheritance
Delimiters set in a parent template should not affect a partial.
=> SUCCESS
[5] Post-Partial Behavior
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-exchange] branch master updated: update to mustach 1.2.7,
gnunet <=