From 8c408da9abcc001b0aa469e56818dde542897db0 Mon Sep 17 00:00:00 2001 From: Linus Torvalds Date: Mon, 19 Aug 2019 11:21:57 -0700 Subject: [PATCH] Fix the dive site XML saving It turns out that the dive site saving was subtly but horribly buggy. To save the value of the dive site, it did show_utf8_blanked(b, t->value, " value='", "'/>\n", 1, anonymize); which looks sane on the face of it, but the problem is that it puts the final closing xml marker in the 'append this at the end' case. That means that if the value is empty, the value won't be saved, but neither will the closing tag. Resulting in an xml line that looks like this: where the first geo tag was saved without the ending marker. That then makes all the xml nesting entirely wrong, and the whole file fails to save. Now, the code around it does check that 't->value' is not NULL, but it doesn't check for a value that is empty or all spaces (which also will make 'show_utf8()' just skip it. Fix it by saving the end marker separately: show_utf8_blanked(b, t->value, " value='", "'", 1, anonymize); put_format(b, "/>\n"); so that the xml is valid even if the goe marker value wasn'r. Reported-by: Bob Barker Signed-off-by: Linus Torvalds --- core/save-xml.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/core/save-xml.c b/core/save-xml.c index e0a09df16..339354854 100644 --- a/core/save-xml.c +++ b/core/save-xml.c @@ -623,7 +623,8 @@ void save_dives_buffer(struct membuffer *b, const bool select_only, bool anonymi if (t->category != TC_NONE && t->value) { put_format(b, " category); put_format(b, " origin='%d'", t->origin); - show_utf8_blanked(b, t->value, " value='", "'/>\n", 1, anonymize); + show_utf8_blanked(b, t->value, " value='", "'", 1, anonymize); + put_format(b, "/>\n"); } } } @@ -837,7 +838,8 @@ void save_dive_sites_buffer(struct membuffer *b, const bool select_only, bool an if (t->category != TC_NONE && t->value) { put_format(b, " category); put_format(b, " origin='%d'", t->origin); - show_utf8_blanked(b, t->value, " value='", "'/>\n", 1, anonymize); + show_utf8_blanked(b, t->value, " value='", "'", 1, anonymize); + put_format(b, "/>\n"); } } }