From 2e55bdd3f279849a4e499a4a7c1a0d63d39f117b Mon Sep 17 00:00:00 2001
From: Pierluigi Lenoci <pierluigi.lenoci@gmail.com>
Date: Wed, 18 Mar 2026 13:58:34 +0100
Subject: [PATCH] fix(scripts): encode residual JSON control chars as \uXXXX
 instead of stripping (#1872)

* fix(scripts): encode residual control chars as \uXXXX instead of stripping

json_escape() was silently deleting control characters (U+0000-U+001F)
that were not individually handled (\n, \t, \r, \b, \f). Per RFC 8259,
these must be encoded as \uXXXX sequences to preserve data integrity.

Replace the tr -d strip with a char-by-char loop that emits proper
\uXXXX escapes for any remaining control characters.

* fix(scripts): address Copilot review on json_escape control char loop

- Set LC_ALL=C for the entire loop (not just printf) so that ${#s} and
  ${s:$i:1} operate on bytes deterministically across locales
- Fix comment: U+0000 (NUL) cannot exist in bash strings, range is
  U+0001-U+001F; adjust code guard accordingly (code >= 1)
- Emit directly to stdout instead of accumulating in a variable,
  avoiding quadratic string concatenation on longer inputs

* perf(scripts): use printf -v to avoid subshell in json_escape loop

Replace code=$(printf ...) with printf -v code to assign the character
code without spawning a subshell on every byte, reducing overhead for
longer inputs.
---
 scripts/bash/common.sh | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/scripts/bash/common.sh b/scripts/bash/common.sh
index 826e740f..40f1c96e 100644
--- a/scripts/bash/common.sh
+++ b/scripts/bash/common.sh
@@ -171,9 +171,21 @@ json_escape() {
     s="${s//$'\r'/\\r}"
     s="${s//$'\b'/\\b}"
     s="${s//$'\f'/\\f}"
-    # Strip remaining control characters (U+0000–U+001F) not individually escaped above
-    s=$(printf '%s' "$s" | tr -d '\000-\007\013\016-\037')
-    printf '%s' "$s"
+    # Escape any remaining U+0001-U+001F control characters as \uXXXX.
+    # (U+0000/NUL cannot appear in bash strings and is excluded.)
+    # LC_ALL=C ensures ${#s} counts bytes and ${s:$i:1} yields single bytes,
+    # so multi-byte UTF-8 sequences (first byte >= 0xC0) pass through intact.
+    local LC_ALL=C
+    local i char code
+    for (( i=0; i<${#s}; i++ )); do
+        char="${s:$i:1}"
+        printf -v code '%d' "'$char" 2>/dev/null || code=256
+        if (( code >= 1 && code <= 31 )); then
+            printf '\\u%04x' "$code"
+        else
+            printf '%s' "$char"
+        fi
+    done
 }
 
 check_file() { [[ -f "$1" ]] && echo "  ✓ $2" || echo "  ✗ $2"; }