From 4b77ecbe8303cb2102dd77a04b92be0103bd008b Mon Sep 17 00:00:00 2001
From: Robin Gareus <robin@gareus.org>
Date: Wed, 26 Apr 2023 17:29:02 +0200
Subject: [PATCH] Sanitize XML values to be valid UTF-8 (#9317)

This prevents any non UTF-8 strings to leak into
Ardour XML files, which can make the session unloadable.
---
 libs/pbd/xml++.cc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libs/pbd/xml++.cc b/libs/pbd/xml++.cc
index 6037107869..5c57ad8395 100644
--- a/libs/pbd/xml++.cc
+++ b/libs/pbd/xml++.cc
@@ -9,6 +9,7 @@
 #include <string.h>
 #include <iostream>
 
+#include "pbd/utf8_utils.h"
 #include "pbd/xml++.h"
 
 #include <libxml/debugXML.h>
@@ -595,15 +596,17 @@ XMLNode::set_property(const char* name, const string& value)
 {
 	XMLPropertyIterator iter = _proplist.begin();
 
+	std::string const v = PBD::sanitize_utf8 (value);
+
 	while (iter != _proplist.end()) {
 		if ((*iter)->name() == name) {
-			(*iter)->set_value (value);
+			(*iter)->set_value (v);
 			return *iter;
 		}
 		++iter;
 	}
 
-	XMLProperty* new_property = new XMLProperty(name, value);
+	XMLProperty* new_property = new XMLProperty(name, v);
 
 	if (!new_property) {
 		return 0;