--- contrib/openbsm/libbsm/bsm_io.c.orig 2011-10-23 12:10:40.000000000 -0400
+++ contrib/openbsm/libbsm/bsm_io.c 2011-10-23 12:35:31.000000000 -0400
@@ -214,6 +214,28 @@
}
/*
+ * Prints the given data bytes as an XML-sanitized string
+ */
+static void
+print_xml_string(FILE *fp, const char *str, size_t len)
+{
+ u_int32_t i;
+
+ if (len > 0) {
+ for (i = 0; i < len; i++) {
+ if (str[i] != '\0') {
+ if (str[i] == '&')
+ fprintf(fp, "&");
+ else if (str[i] == '<')
+ fprintf(fp, "<");
+ else
+ fprintf(fp, "%c", str[i]);
+ }
+ }
+ }
+}
+
+/*
* Prints the beggining of attribute.
*/
static void
@@ -1855,7 +1877,7 @@
for (i = 0; i < tok->tt.execarg.count; i++) {
if (xml) {
fprintf(fp, "");
- print_string(fp, tok->tt.execarg.text[i],
+ print_xml_string(fp, tok->tt.execarg.text[i],
strlen(tok->tt.execarg.text[i]));
fprintf(fp, "");
} else {
@@ -1914,7 +1936,7 @@
for (i = 0; i< tok->tt.execenv.count; i++) {
if (xml) {
fprintf(fp, "");
- print_string(fp, tok->tt.execenv.text[i],
+ print_xml_string(fp, tok->tt.execenv.text[i],
strlen(tok->tt.execenv.text[i]));
fprintf(fp, "");
} else {