hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 22:02:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Switch to using HTML entities for escaping

Browse Source
This commit is contained in:
Chris Smowton
2021-04-16 15:58:51 +01:00
committed by Sauyon Lee
parent 06c958e61f
commit 90c4b5d63f
3 changed files with 13 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
extractor/extractor.go
View File

@@ -139,7 +139,7 @@ func ExtractWithFlags(buildFlags []string, patterns []string) error {
scope := extractPackageScope(tw, pkg)
tw.ForEachObject(extractObjectType)
lbl := tw.Labeler.GlobalID(util.EscapeCurlyBraces(pkg.PkgPath) + ";pkg")
lbl := tw.Labeler.GlobalID(util.EscapeTrapSpecialChars(pkg.PkgPath) + ";pkg")
dbscheme.PackagesTable.Emit(tw, lbl, pkg.Name, pkg.PkgPath, scope)
if len(pkg.Errors) != 0 {
@@ -624,7 +624,7 @@ func (extraction *Extraction) extractFileInfo(tw *trap.Writer, file string) {
extraction.Lock.Unlock()
break
}
lbl := tw.Labeler.GlobalID(util.EscapeCurlyBraces(path) + ";folder")
lbl := tw.Labeler.GlobalID(util.EscapeTrapSpecialChars(path) + ";folder")
dbscheme.FoldersTable.Emit(tw, lbl, path, component)
if i > 0 {
dbscheme.ContainerParentTable.Emit(tw, parentLbl, lbl)
@@ -1496,7 +1496,7 @@ func getTypeLabel(tw *trap.Writer, tp types.Type) (trap.Label, bool) {
if field.Embedded() {
name = ""
}
fmt.Fprintf(&b, "%s,{%s},%s", name, fieldTypeLbl, util.EscapeCurlyBraces(tp.Tag(i)))
fmt.Fprintf(&b, "%s,{%s},%s", name, fieldTypeLbl, util.EscapeTrapSpecialChars(tp.Tag(i)))
}
lbl = tw.Labeler.GlobalID(fmt.Sprintf("%s;structtype", b.String()))
case *types.Pointer:

4
extractor/trap/labels.go
View File

@@ -74,7 +74,7 @@ func (l *Labeler) FileLabel() Label {
// FileLabelFor returns the label for the file for which the trap writer `tw` is associated
func (l *Labeler) FileLabelFor(path string) Label {
return l.GlobalID(util.EscapeCurlyBraces(path) + ";sourcefile")
return l.GlobalID(util.EscapeTrapSpecialChars(path) + ";sourcefile")
}
// LocalID associates a label with the given AST node `nd` and returns it
@@ -103,7 +103,7 @@ func (l *Labeler) ScopeID(scope *types.Scope, pkg *types.Package) Label {
} else {
if pkg != nil && pkg.Scope() == scope {
// if this scope is the package scope
pkgLabel := l.GlobalID(util.EscapeCurlyBraces(pkg.Path()) + ";package")
pkgLabel := l.GlobalID(util.EscapeTrapSpecialChars(pkg.Path()) + ";package")
label = l.GlobalID("{" + pkgLabel.String() + "};scope")
} else {
label = l.FreshID()

13
extractor/util/util.go
View File

@@ -198,10 +198,13 @@ func GetExtractorPath() (string, error) {
return extractorPath, nil
}
func EscapeCurlyBraces(s string) string {
// Replace carets with ^caret, then curly braces with ^lcbrace and ^rcbrace.
s = strings.ReplaceAll(s, "^", "^caret")
s = strings.ReplaceAll(s, "{", "^lcbrace")
s = strings.ReplaceAll(s, "}", "^rcbrace")
func EscapeTrapSpecialChars(s string) string {
// Replace TRAP special characters with their HTML entities, as well as '&' to avoid ambiguity.
s = strings.ReplaceAll(s, "&", "&")
s = strings.ReplaceAll(s, "{", "{")
s = strings.ReplaceAll(s, "}", "}")
s = strings.ReplaceAll(s, "\"", """)
s = strings.ReplaceAll(s, "@", "@")
s = strings.ReplaceAll(s, "#", "#")
return s
}