make startup command multiline

* step 1 * step2 * Update cmd_script.c * Update cmd_script.c * Update obk_config.h * Update cmd_script.c * Update cmd_script.c * fx * Update obk_config.h * Update OpenW800 * Update OpenW800 * Update obk_config.h * f * fix waitfor * Update obk_config.h * Update Makefile * json escap9ijgng * crash checks and size check * w600 bmp * fx * Update Makefile * test * fx * Tokenizer_GetPin * fix * fix * ln882h pins * Update new_http.c * Update new_http.c * Update new_http.c * aht * aht * Update obk_config.h * drv_sht3x * aht pins * f * fx * aht * sunset fx * ln owm * Update CMakeLists.txt
2026-02-07 18:35:59 +00:00 · 2025-01-23 23:10:35 +01:00
parent 1ef7c8192f
commit 77efc7ebca
24 changed files with 203 additions and 31 deletions
--- a/src/httpserver/http_fns.c
+++ b/src/httpserver/http_fns.c
@ -1628,7 +1628,7 @@ int http_fn_cmd_tool(http_request_t* request) {

 #if ENABLE_HTTP_STARTUP
 int http_fn_startup_command(http_request_t* request) {
-	char tmpA[512];
+	char tmpA[8];
 	http_setup(request, httpMimeTypeHTML);
 	http_html_start(request, "Set startup command");
 	poststr_h4(request, "Set/Change/Clear startup command line");
@ -1638,15 +1638,27 @@ int http_fn_startup_command(http_request_t* request) {
 		"Use backlog cmd1; cmd2; cmd3; etc to enter multiple commands</p>");

 	if (http_getArg(request->url, "startup_cmd", tmpA, sizeof(tmpA))) {
-		http_getArg(request->url, "data", tmpA, sizeof(tmpA));
-		//  hprintf255(request,"<h3>Set command to  %s!</h3>",tmpA);
-		// tmpA can be longer than 128 bytes and this would crash
-		hprintf255(request, "<h3>Command changed!</h3>");
-		CFG_SetShortStartupCommand(tmpA);
+		// direct config access to remove buffer on stack
+		int realSize = http_getArg(request->url, "data", g_cfg.initCommandLine, sizeof(g_cfg.initCommandLine));
+		// mark as dirty (value has changed)
+		g_cfg_pendingChanges++;
+		if (realSize >= sizeof(g_cfg.initCommandLine)) {
+			hprintf255(request, "<h3 style='color:red'>Command trimmed from %i to %i!</h3>",realSize, sizeof(g_cfg.initCommandLine));
+		} else {
+			hprintf255(request, "<h3>Command changed!</h3>");
+		}
 		CFG_Save_IfThereArePendingChanges();
 	}

+#if ENABLE_OBK_SCRIPTING
+	poststr(request, "<form action=\"/startup_command\">");
+	poststr(request, "<label for='data'>Startup command</label><br>");
+	poststr(request, "<textarea id='data' name='data' rows='15' cols='40'>");
+	poststr(request, CFG_GetShortStartupCommand());
+	poststr(request, "</textarea><br>");
+#else
 	add_label_text_field(request, "Startup command", "data", CFG_GetShortStartupCommand(), "<form action=\"/startup_command\">");
+#endif
 	poststr(request, "<input type='hidden' name='startup_cmd' value='1'>");
 	poststr(request, SUBMIT_AND_END_FORM);

--- a/src/httpserver/http_tcp_server_nonblocking.c
+++ b/src/httpserver/http_tcp_server_nonblocking.c
@ -113,7 +113,7 @@ void HTTPServer_RunQuickTick() {
 		// Receive until the peer shuts down the connection
 		do {

-			iResult = recv(ClientSocket, recvbuf, recvbuflen, 0);
+			iResult = recv(ClientSocket, recvbuf, recvbuflen-1, 0);
 			if (iResult > 0) {
 				http_request_t request;
 				memset(&request, 0, sizeof(request));
--- a/src/httpserver/new_http.c
+++ b/src/httpserver/new_http.c
@ -156,7 +156,7 @@ void poststr_escaped(http_request_t* request, char* str) {
 	bool foundChar = false;
 	int len = strlen(str);

-	//Do a quick check if escaping is necessary
+	// Do a quick check if escaping is necessary
 	for (i = 0; (foundChar == false) && (i < len); i++) {
 		switch (str[i]) {
 		case '<':
@ -200,6 +200,53 @@ void poststr_escaped(http_request_t* request, char* str) {
 	}
 }

+void poststr_escapedForJSON(http_request_t* request, char* str) {
+	if (str == NULL) {
+		postany(request, NULL, 0);
+		return;
+	}
+
+	int i;
+	bool foundChar = false;
+	int len = strlen(str);
+
+	// Do a quick check if escaping is necessary
+	for (i = 0; (foundChar == false) && (i < len); i++) {
+		switch (str[i]) {
+		case '\n':
+			foundChar = true;
+			break;
+		case '\r':
+			foundChar = true;
+			break;
+		case '\"':
+			foundChar = true;
+			break;
+		}
+	}
+
+	if (foundChar) {
+		for (i = 0; i < len; i++) {
+			switch (str[i]) {
+			case '\n':
+				postany(request, "\\n", 2);
+				break;
+			case '\r':
+				postany(request, "\\r", 2);
+				break;
+			case '\"':
+				postany(request, "\\\"", 2);
+				break;
+			default:
+				postany(request, str + i, 1);
+				break;
+			}
+		}
+	}
+	else {
+		postany(request, str, strlen(str));
+	}
+}
 bool http_startsWith(const char* base, const char* substr) {
 	while (*substr != 0) {
 		if (*base != *substr)
@ -666,6 +713,11 @@ int HTTP_ProcessPacket(http_request_t* request) {
 			return 0;
 		}
 	}
+	else {
+		// if p is 0, then strchr below would crash
+		ADDLOGF_ERROR("invalid request\n");
+		return 0;
+	}

 	request->url = urlStr;

--- a/src/httpserver/new_http.h
+++ b/src/httpserver/new_http.h
@ -68,6 +68,7 @@ void http_html_start(http_request_t* request, const char* pagename);
 void http_html_end(http_request_t* request);
 int poststr(http_request_t* request, const char* str);
 void poststr_escaped(http_request_t* request, char* str);
+void poststr_escapedForJSON(http_request_t* request, char* str);
 int postany(http_request_t* request, const char* str, int len);
 void misc_formatUpTimeString(int totalSeconds, char* o);
 // void HTTP_AddBuildFooter(http_request_t *request);
--- a/src/httpserver/rest_interface.c
+++ b/src/httpserver/rest_interface.c
@ -910,7 +910,7 @@ static int http_rest_get_info(http_request_t* request) {
 	hprintf255(request, "\"shortName\":\"%s\",", CFG_GetShortDeviceName());
 	poststr(request, "\"startcmd\":\"");
 	// This can be longer than 255
-	poststr(request, CFG_GetShortStartupCommand());
+	poststr_escapedForJSON(request, CFG_GetShortStartupCommand());
 	poststr(request, "\",");
 #ifndef OBK_DISABLE_ALL_DRIVERS
 	hprintf255(request, "\"supportsSSDP\":%d,", DRV_IsRunning("SSDP") ? 1 : 0);