Bug#522527: Escape description text with --color html
Package: lintian
Version: 2.2.9
The attached patch arranges for '--color html' output to be properly
escaped. Without it, if you look at the output in a web browser, things
like the <pkg> in no-copyright-file's /usr/share/doc/<pkg>/copyright can
disappear.
ttfn/rjk
diff --git a/lib/Lintian/Output.pm b/lib/Lintian/Output.pm
index edb3878..677d24d 100644
--- a/lib/Lintian/Output.pm
+++ b/lib/Lintian/Output.pm
@@ -295,7 +295,9 @@ sub print_tag {
my $tag;
if ($self->_do_color) {
if ($self->color eq 'html') {
- $tag .= qq(<span style="color: $tag_color">$tag_info->{tag}</span>)
+ my $escaped = $tag_info->{tag};
+ $escaped =~ s/[<&]/sprintf("&#%d;", ord($&))/ge;
+ $tag .= qq(<span style="color: $tag_color">$escaped</span>)
} else {
$tag .= Term::ANSIColor::colored($tag_info->{tag}, $tag_color);
}
@@ -308,6 +310,9 @@ sub print_tag {
my $info = Lintian::Tag::Info->new($tag_info->{tag});
if ($info) {
my $description = $info->description('text', ' ');
+ if($self->_do_color and $self->color eq 'html') {
+ $description =~ s/[<&]/sprintf("&#%d;", ord($&))/ge;
+ }
$self->_print('', 'N', '');
$self->_print('', 'N', split("\n", $description));
$self->_print('', 'N', '');
Reply to: