[geany/geany] c63564: Fix escaping of infobar text against entity injection from filename

Wed Jan 2 22:17:51 UTC 2019

Branch:      refs/heads/1.34
Author:      Colomban Wendling <ban at herbesfolles.org>
Committer:   Colomban Wendling <ban at herbesfolles.org>
Date:        Wed, 02 Jan 2019 22:17:51 UTC
Commit:      c6356444b12b0f2759546334caabb42fd6a28097
             https://github.com/geany/geany/commit/c6356444b12b0f2759546334caabb42fd6a28097

Log Message:
-----------
Fix escaping of infobar text against entity injection from filename

Fixes #2033.


Modified Paths:
--------------
    src/document.c

Modified: src/document.c
2 lines changed, 1 insertions(+), 1 deletions(-)
===================================================================
@@ -3459,7 +3459,7 @@ static GtkWidget* document_show_message(GeanyDocument *doc, GtkMessageType msgty
 	text = g_strdup_vprintf(format, args);
 	va_end(args);
 
-	markup = g_strdup_printf("<span size=\"larger\">%s</span>", text);
+	markup = g_markup_printf_escaped("<span size=\"larger\">%s</span>", text);
 	g_free(text);
 
 	info_widget = gtk_info_bar_new();



--------------
This E-Mail was brought to you by github_commit_mail.py (Source: https://github.com/geany/infrastructure).
