exp/ssh: add safeString error sanitiser

R=huin, agl, gustav.paul, cw CC=golang-dev https://golang.org/cl/5399044

exp/ssh: add safeString error sanitiser
R=huin, agl, gustav.paul, cw CC=golang-dev https://golang.org/cl/5399044
b57bb928 · Dave Cheney · Adam Langley · 60e4a61d · b57bb928 · b57bb928
Commit b57bb928 authored Nov 28, 2011 by Dave Cheney Committed by Adam Langley Nov 28, 2011
Hide whitespace changes
Inline Side-by-side

Showing with 39 additions and 0 deletions

common.go src/pkg/exp/ssh/common.go +13 -0

common_test.go src/pkg/exp/ssh/common_test.go +26 -0

No files found.
--- a/src/pkg/exp/ssh/common.go
+++ b/src/pkg/exp/ssh/common.go
@@ -224,3 +224,16 @@ func buildDataSignedForAuth(sessionId []byte, req userAuthRequestMsg, algo, pubK
 	r = marshalString(r, pubKey)
 	return ret
 }
+
+// safeString sanitises s according to RFC 4251, section 9.2. 
+// All control characters except tab, carriage return and newline are
+// replaced by 0x20.
+func safeString(s string) string {
+	out := []byte(s)
+	for i, c := range out {
+		if c < 0x20 && c != 0xd && c != 0xa && c != 0x9 {
+			out[i] = 0x20
+		}
+	}
+	return string(out)
+}
--- a/src/pkg/exp/ssh/common_test.go
+++ b/src/pkg/exp/ssh/common_test.go
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ssh
+
+import (
+	"testing"
+)
+
+var strings = map[string]string{
+	"\x20\x0d\x0a":  "\x20\x0d\x0a",
+	"flibble":       "flibble",
+	"new\x20line":   "new\x20line",
+	"123456\x07789": "123456 789",
+	"\t\t\x10\r\n":  "\t\t \r\n",
+}
+
+func TestSafeString(t *testing.T) {
+	for s, expected := range strings {
+		actual := safeString(s)
+		if expected != actual {
+			t.Errorf("expected: %v, actual: %v", []byte(expected), []byte(actual))
+		}
+	}
+}