From aba5e60792177d6a2a867445559f4806973b3258 Mon Sep 17 00:00:00 2001
From: Flole <Flole998@users.noreply.github.com>
Date: Wed, 24 Apr 2024 16:29:14 +0200
Subject: [PATCH] Properly escape json in setup

---
 debian/tvheadend.postinst | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/debian/tvheadend.postinst b/debian/tvheadend.postinst
index eff115c9d..652f311b3 100644
--- a/debian/tvheadend.postinst
+++ b/debian/tvheadend.postinst
@@ -5,6 +5,27 @@ HTS_USER="hts"
 . /usr/share/debconf/confmodule
 db_version 2.0
 
+escape_json_string() {
+    LANG=C command -p awk '
+        BEGIN {
+            ORS = ""
+
+            for ( i = 1; i <= 127; i++ )
+                tr[ sprintf( "%c", i) ] = sprintf( "\\u%04x", i )
+
+            for ( i = 1; i < ARGC; i++ ) {
+                s = ARGV[i]
+                print "\""
+                while ( match( s, /[\001-\037\177"\\]/ ) ) {
+                    print substr(s,1,RSTART-1) tr[ substr(s,RSTART,RLENGTH) ]
+                    s = substr(s,RSTART+RLENGTH)
+                }
+                print s "\"\n"
+            }
+        }
+    ' "$@"
+}
+
 case "$1" in
 configure)
     if ! getent passwd "$HTS_USER" >/dev/null; then
@@ -36,11 +57,15 @@ configure)
     echo >>"$HTS_SUPERUSERCONF" "{"
 
     if db_get tvheadend/admin_username; then
-        echo >>"$HTS_SUPERUSERCONF" "\"username\": \"$RET\","
+        JSONUSER=`escape_json_string $RET`
+        echo "\"username\": $JSONUSER,"
+        JSONUSER=""
     fi
 
     if db_get tvheadend/admin_password; then
-        echo >>"$HTS_SUPERUSERCONF" "\"password\": \"$RET\""
+        JSONPASS=`escape_json_string $RET`
+        echo "\"password\": $JSONPASS"
+        JSONPASS=""
     fi
     
     echo >>"$HTS_SUPERUSERCONF" "}"
-- 
2.47.3