tools: sanitize device names in libinput-record YAML output

The device name was written directly into a YAML double-quoted string
without sanitization. A malicious device name containing control
characters or newlines can break the YAML structure, potentially
causing parsers (libinput-replay, libinput-analyze-recording) to
interpret injected YAML keys.

Use str_sanitize() to replace control characters before writing the
name into the YAML output.

This will also replace any % in the device name with % but... meh.

Assisted-by: Claude:claude-opus-4-6
Part-of: <https://gitlab.freedesktop.org/libinput/libinput/-/merge_requests/1486>
Peter Hutterer 2026-06-01 21:25:59 +10:00 committed by Marge Bot
parent 71a2c5cae2
commit 7c49e6112d


@ -1519,7 +1519,8 @@ print_description(FILE *fp, struct libevdev *dev)
break;
}
iprintf(fp, I_EVDEV, "# Name: %s\n", libevdev_get_name(dev));
_autofree_ char *name = str_sanitize(libevdev_get_name(dev));
iprintf(fp, I_EVDEV, "# Name: %s\n", name ? name : "");
iprintf(fp,
I_EVDEV,
"# ID: bus 0x%04x%svendor 0x%04x product 0x%04x version 0x%04x\n",
@ -1570,7 +1571,8 @@ print_description(FILE *fp, struct libevdev *dev)
static void
print_bits_info(FILE *fp, struct libevdev *dev)
{
iprintf(fp, I_EVDEV, "name: \"%s\"\n", libevdev_get_name(dev));
_autofree_ char *name = str_sanitize(libevdev_get_name(dev));
iprintf(fp, I_EVDEV, "name: \"%s\"\n", name ? name : "");
iprintf(fp,
I_EVDEV,
"id: [%d, %d, %d, %d]\n",
@ -1936,7 +1938,8 @@ select_device(void)
if (rc != 0)
continue;
fprintf(stderr, "%s%s: %s\n", prefix, path, libevdev_get_name(device));
_autofree_ char *name = str_sanitize(libevdev_get_name(device));
fprintf(stderr, "%s%s: %s\n", prefix, path, name ? name : "");
libevdev_free(device);
available_devices++;
}
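Review bot: In print_bits_info the sanitized name is still written between double quotes (`"name: \"%s\"\n"`), and a YAML double-quoted scalar is also ended by `"` and treats `\` as the start of an escape. str_sanitize() is not shown on this page and the commit message only mentions control characters, so if it leaves those two bytes alone, a device name containing them still produces a recording that libinput-replay or libinput-analyze-recording misreads or rejects. I would escape `"` and `\` at this call site (or confirm that str_sanitize() already does) and add a comment such as `/* name sits inside a YAML double-quoted scalar: '"' and '\\' must be escaped too */`. A test that records a device whose name contains `"` and replays the result would pin this down. In print_description and select_device the name lands in a `#` comment and on stderr, where quoting does not matter; all three function bodies continue outside the hunks shown.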