diff options
author | Dmitri Gribenko <gribozavr@gmail.com> | 2014-04-22 10:59:13 +0000 |
---|---|---|
committer | Dmitri Gribenko <gribozavr@gmail.com> | 2014-04-22 10:59:13 +0000 |
commit | e36bbd1eec01bfb06927de7791ec13135198fa68 (patch) | |
tree | 2a00df55fdd92ced2765d39d9cd44ff7cd2ca60d /utils/TableGen | |
parent | 059bec7acc616e2fd9e39ccbfdb8c363cc5b719c (diff) | |
download | clang-e36bbd1eec01bfb06927de7791ec13135198fa68.tar.gz clang-e36bbd1eec01bfb06927de7791ec13135198fa68.tar.bz2 clang-e36bbd1eec01bfb06927de7791ec13135198fa68.tar.xz |
Comment parsing: in the generated XML file, mark HTML that is safe to pass
through to the output even if the input comment comes from an untrusted source
Attribute filtering is currently based on a blacklist, which right now includes
all event handler attributes (they contain JavaScipt code). It should be
switched to a whitelist, but going over all of the HTML5 spec requires a
significant amount of time.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@206882 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'utils/TableGen')
-rw-r--r-- | utils/TableGen/ClangCommentHTMLTagsEmitter.cpp | 41 |
1 files changed, 26 insertions, 15 deletions
diff --git a/utils/TableGen/ClangCommentHTMLTagsEmitter.cpp b/utils/TableGen/ClangCommentHTMLTagsEmitter.cpp index bfcd2cfd15..2a9110f8eb 100644 --- a/utils/TableGen/ClangCommentHTMLTagsEmitter.cpp +++ b/utils/TableGen/ClangCommentHTMLTagsEmitter.cpp @@ -12,6 +12,7 @@ // //===----------------------------------------------------------------------===// +#include "TableGenBackends.h" #include "llvm/TableGen/Record.h" #include "llvm/TableGen/StringMatcher.h" #include "llvm/TableGen/TableGenBackend.h" @@ -19,14 +20,11 @@ using namespace llvm; -namespace clang { -void EmitClangCommentHTMLTags(RecordKeeper &Records, raw_ostream &OS) { +void clang::EmitClangCommentHTMLTags(RecordKeeper &Records, raw_ostream &OS) { std::vector<Record *> Tags = Records.getAllDerivedDefinitions("Tag"); std::vector<StringMatcher::StringPair> Matches; - for (std::vector<Record *>::iterator I = Tags.begin(), E = Tags.end(); - I != E; ++I) { - Record &Tag = **I; - std::string Spelling = Tag.getValueAsString("Spelling"); + for (Record *Tag : Tags) { + std::string Spelling = Tag->getValueAsString("Spelling"); Matches.push_back(StringMatcher::StringPair(Spelling, "return true;")); } @@ -38,19 +36,17 @@ void EmitClangCommentHTMLTags(RecordKeeper &Records, raw_ostream &OS) { << "}\n\n"; } -void EmitClangCommentHTMLTagsProperties(RecordKeeper &Records, - raw_ostream &OS) { +void clang::EmitClangCommentHTMLTagsProperties(RecordKeeper &Records, + raw_ostream &OS) { std::vector<Record *> Tags = Records.getAllDerivedDefinitions("Tag"); std::vector<StringMatcher::StringPair> MatchesEndTagOptional; std::vector<StringMatcher::StringPair> MatchesEndTagForbidden; - for (std::vector<Record *>::iterator I = Tags.begin(), E = Tags.end(); - I != E; ++I) { - Record &Tag = **I; - std::string Spelling = Tag.getValueAsString("Spelling"); + for (Record *Tag : Tags) { + std::string Spelling = Tag->getValueAsString("Spelling"); StringMatcher::StringPair Match(Spelling, "return true;"); - if (Tag.getValueAsBit("EndTagOptional")) + if (Tag->getValueAsBit("EndTagOptional")) MatchesEndTagOptional.push_back(Match); - if (Tag.getValueAsBit("EndTagForbidden")) + if (Tag->getValueAsBit("EndTagForbidden")) MatchesEndTagForbidden.push_back(Match); } @@ -65,6 +61,21 @@ void EmitClangCommentHTMLTagsProperties(RecordKeeper &Records, StringMatcher("Name", MatchesEndTagForbidden, OS).Emit(); OS << " return false;\n" << "}\n\n"; + + std::vector<Record *> Attributes = + Records.getAllDerivedDefinitions("Attribute"); + std::vector<StringMatcher::StringPair> Matches; + for (Record *Attribute : Attributes) { + std::string Spelling = Attribute->getValueAsString("Spelling"); + if (!Attribute->getValueAsBit("IsSafeToPassThrough")) + Matches.push_back(StringMatcher::StringPair(Spelling, "return false;")); + } + + emitSourceFileHeader("HTML attribute name matcher", OS); + + OS << "bool isHTMLAttributeSafeToPassThrough(StringRef Name) {\n"; + StringMatcher("Name", Matches, OS).Emit(); + OS << " return true;\n" + << "}\n\n"; } -} // end namespace clang |