fixup! Escape non-ASCII characters in package history

getsolus · Apr 1, 2024 · 121763a · 121763a
1 parent d4e40b8
commit 121763a
Showing 1 changed file with 18 additions and 17 deletions.
diff --git a/builder/history.go b/builder/history.go
@@ -21,13 +21,13 @@ import (
 	"encoding/xml"
 	"errors"
 	"fmt"
+	"html"
 	"io"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"regexp"
 	"sort"
-	"strconv"
 	"strings"
 	"time"
 
@@ -98,7 +98,7 @@ func NewPackageUpdate(commit *object.Commit, objectID string) *PackageUpdate {
 		Commit:      commit.Hash,
 		Author:      signature.Name,
 		AuthorEmail: signature.Email,
-		Body:        toASCII(commit.Message),
+		Body:        commit.Message,
 		Time:        signature.When,
 		ObjectID:    objectID,
 	}
@@ -113,20 +113,6 @@ func NewPackageUpdate(commit *object.Commit, objectID string) *PackageUpdate {
 	return update
 }
 
-func toASCII(s string) string {
-	var enc string
-
-	for _, r := range s {
-		if r > 127 {
-			enc += strconv.QuoteRuneToASCII(r)
-		} else {
-			enc += string(r)
-		}
-	}
-
-	return enc
-}
-
 // CatGitBlob will return the contents of the given entry.
 func CatGitBlob(repo *git.Repository, entry *object.TreeEntry) ([]byte, error) {
 	obj, err := repo.BlobObject(entry.Hash)
@@ -346,7 +332,7 @@ func (p *PackageHistory) WriteXML(path string) error {
 			Email:   update.AuthorEmail,
 			Date:    update.Time.Format(UpdateDateFormat),
 		}
-		yUpdate.Comment.Value = update.Body
+		yUpdate.Comment.Value = escapeString(update.Body)
 		yUpdate.Name.Value = update.Author
 
 		if update.IsSecurity {
@@ -369,6 +355,21 @@ func (p *PackageHistory) WriteXML(path string) error {
 	return err
 }
 
+func escapeString(s string) string {
+	var enc string
+
+	for _, r := range html.EscapeString(s) {
+		if r > 127 {
+			//enc += strconv.QuoteRuneToASCII(r)
+			enc += fmt.Sprintf("&#x%x;", uint32(r))
+		} else {
+			enc += string(r)
+		}
+	}
+
+	return enc
+}
+
 // GetLastVersionTimestamp will return a timestamp appropriate for us within
 // reproducible builds.
 //