From a2c1e92b79c1f44cb7b68b540305cb93b175a3a5 Mon Sep 17 00:00:00 2001 From: Christian Hergert Date: Fri, 24 Nov 2017 22:00:53 -0800 Subject: [PATCH] process-model-row: escape for markup We need to ensure this gets escaped since we cannot really trust what comes from /proc. --- lib/widgets/sp-process-model-row.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/widgets/sp-process-model-row.c b/lib/widgets/sp-process-model-row.c index b5edbb7b..d2e6ca67 100644 --- a/lib/widgets/sp-process-model-row.c +++ b/lib/widgets/sp-process-model-row.c @@ -82,8 +82,9 @@ sp_process_model_row_set_item (SpProcessModelRow *self, if ((NULL != (argv = sp_process_model_item_get_argv (item))) && (argv[0] != NULL)) { g_autofree gchar *argvstr = g_strjoinv (" ", (gchar **)&argv[1]); + g_autofree gchar *escaped = g_markup_escape_text (argvstr, -1); - gtk_label_set_label (priv->args_label, argvstr); + gtk_label_set_label (priv->args_label, escaped); } pid = sp_process_model_item_get_pid (item);