From 72d3f7393e166fb3846c1b1cf2d50ff8dbea71d6 Mon Sep 17 00:00:00 2001
From: Francesco Cogno <francesco.cogno@outlook.com>
Date: Wed, 3 Nov 2021 11:36:05 +0100
Subject: [PATCH] Escape friendly name double quote (#84)

* escape friendly name

* Updated README
---
 Cargo.toml                  |  2 +-
 README.md                   |  3 ++-
 src/friendly_description.rs | 22 +++++++++++++++++++++-
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 04ef8a5..1ae1660 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name                     = "prometheus_wireguard_exporter"
-version                  = "3.6.0"
+version                  = "3.6.1"
 authors                  = ["Francesco Cogno <francesco.cogno@outlook.com>"]
 description              = "Prometheus WireGuard Exporter"
 edition                  = "2018"
diff --git a/README.md b/README.md
index 14aae2a..c535b0e 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,8 @@ A Prometheus exporter for [WireGuard](https://www.wireguard.com), written in Rus
 
 ## Changelog
 
-* **BREAKING** From release [3.6.0](https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.6.0) the exporter takes fallback configuration values from the environment variables. Thanks to [j_r0dd](https://github.com/jr0dd) for the idea. This changes how the exporter evaluates the command line parameters: make sure to consult the documentation on how to convert your command line to the new format. Basically every switch (for example verbose `-v`) not expect values, either `true` or `false`. This is necessary because there is no way to discriminate between an empty environment variable and one that has not been set.
+* From release [3.6.1](https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.6.1) the exporter correctly escapes the double quotes in `friendly_name`. Thanks to [Steven Wood](https://github.com/stvnw) for finding the bug in #82.
+* **BREAKING** From version `3.6.0` the exporter takes fallback configuration values from the environment variables. Thanks to [j_r0dd](https://github.com/jr0dd) for the idea. This changes how the exporter evaluates the command line parameters: make sure to consult the documentation on how to convert your command line to the new format. Basically every switch (for example verbose `-v`) not expect values, either `true` or `false`. This is necessary because there is no way to discriminate between an empty environment variable and one that has not been set.
 * From release [3.5.1](https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.5.1) the exporter supports multiple peer files. Thanks to [Tobias Krischer](https://github.com/tobikris) for the idea.
 * From release [3.5.0](https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.5.0) the exporter supports the `friendly_json` tag. Entries prepended with the `friendly_json` tag will output all the entries in the specificed json as Prometheus attributes. Thanks to [DrProxyProSupport](https://github.com/iqdoctor) for the idea.
 * From release [3.4.1](https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.4.0) the exporter supports prepending `sudo` to the `wg` command. This allows to run the exporter as a non root user (although sudoer without password). Thanks to [Jonas Seydel](https://github.com/Thor77) for the idea.
diff --git a/src/friendly_description.rs b/src/friendly_description.rs
index c62064f..b29910c 100644
--- a/src/friendly_description.rs
+++ b/src/friendly_description.rs
@@ -14,7 +14,7 @@ impl<'a> TryFrom<(&'a str, &'a str)> for FriendlyDescription<'a> {
 
     fn try_from((header_name, value): (&'a str, &'a str)) -> Result<Self, Self::Error> {
         Ok(match header_name {
-            "friendly_name" => FriendlyDescription::Name(value.into()),
+            "friendly_name" => FriendlyDescription::Name(value.replace("\"", "\\\"").into()),
             "friendly_json" => {
                 let ret: HashMap<&str, serde_json::Value> = serde_json::from_str(value)?;
                 FriendlyDescription::Json(ret)
@@ -29,3 +29,23 @@ impl<'a> TryFrom<(&'a str, &'a str)> for FriendlyDescription<'a> {
         })
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use std::convert::TryInto;
+
+    #[test]
+    fn test_no_escape_friendly_name() {
+        let fd: FriendlyDescription = ("friendly_name", "no escaping").try_into().unwrap();
+        assert_eq!(fd, FriendlyDescription::Name("no escaping".into()));
+    }
+
+    #[test]
+    fn test_escape_friendly_name() {
+        const TO_ESCAPE: &str = r#"man this is a quote ""#;
+        const ESCAPED: &str = r#"man this is a quote \""#;
+        let fd: FriendlyDescription = ("friendly_name", TO_ESCAPE).try_into().unwrap();
+        assert_eq!(fd, FriendlyDescription::Name(ESCAPED.into()));
+    }
+}