Make sure we escape the subject and text in the RSS feed

(<rdar://problem/23135066>)


git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12942 a1ca3aef-8c08-0410-bb20-df032aa958be

1 files changed, 9 insertions, 3 deletions

diff --git a/notifier/rss.c b/notifier/rss.c
index ae8ae4797..3f6ca111e 100644
--- a/notifier/rss.c
+++ b/notifier/rss.c
@@ -3,7 +3,7 @@
  *
  * RSS notifier for CUPS.
  *
- * Copyright 2007-2014 by Apple Inc.
+ * Copyright 2007-2015 by Apple Inc.
  * Copyright 2007 by Easy Software Products.
  *
  * These coded instructions, statements, and computer programs are the
@@ -641,15 +641,21 @@ save_rss(cups_array_t *rss,		/* I - RSS messages */
        msg;
        msg = (_cups_rss_t *)cupsArrayPrev(rss))
   {
+    char *subject = xml_escape(msg->subject);
+    char *text = xml_escape(msg->text);
+
     fputs("    <item>\n", fp);
-    fprintf(fp, "      <title>%s</title>\n", msg->subject);
-    fprintf(fp, "      <description>%s</description>\n", msg->text);
+    fprintf(fp, "      <title>%s</title>\n", subject);
+    fprintf(fp, "      <description>%s</description>\n", text);
     if (msg->link_url)
       fprintf(fp, "      <link>%s</link>\n", msg->link_url);
     fprintf(fp, "      <pubDate>%s</pubDate>\n",
             httpGetDateString2(msg->event_time, date, sizeof(date)));
     fprintf(fp, "      <guid>%d</guid>\n", msg->sequence_number);
     fputs("    </item>\n", fp);
+
+    free(subject);
+    free(text);
   }
 
   fputs(" </channel>\n", fp);