Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-01-26 06:38:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix for bug 57556: escapes user-entered data when displaying it to prevent cross-site scripting attacks.

Browse Source 
r=dmose
This commit is contained in:
myk%mozilla.org 2002-09-16 21:31:58 +00:00
parent 0fad706e11
commit 578177f712
5 changed files with 35 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
webtools/web-sniffer/cgiview.c
View File

@ -277,7 +277,7 @@ getHTTPRequestHeaders(View *view, char *host, char *verbose)
*r++ = str;
viewReport(view, str);
}
viewReport(view, "<hr>");
fprintf(view->out, "<hr><br>");
*r = NULL;
return (unsigned char **) ret;
@ -359,7 +359,7 @@ main(int argc, char *argv[])
);
viewReport(view, "input url:");
viewReport(view, (char *) url);
viewReport(view, "<hr>");
fprintf(view->out, "<hr><br>");
u = urlParse(url);
if
(
@ -410,7 +410,7 @@ main(int argc, char *argv[])
free(newURL);
viewReport(view, "fully qualified url:");
viewReport(view, (char *) u->url);
viewReport(view, "<hr>");
fprintf(view->out, "<hr><br>");
fflush(view->out);
if (!strcmp((char *) u->scheme, "http"))
{

29
webtools/web-sniffer/html.c
View File

@ -849,6 +849,29 @@ htmlRead(void *a, Input *input, unsigned char *base)
unsigned char *
toHTML(unsigned char *str)
{
unsigned char *escaped_str;
unsigned char *result;
escaped_str = escapeHTML(str);
result = NULL;
result = calloc(strlen((char *) escaped_str)+2, 1);
if (!result)
{
fprintf(stderr, "cannot calloc toHTML string\n");
exit(0);
}
result[0] = '"';
strcat((char *) result, (char *) escaped_str);
strcat((char *) result, "\"");
return result;
}
unsigned char *
escapeHTML(unsigned char *str)
{
char buf[2];
int i;
@ -892,17 +915,15 @@ toHTML(unsigned char *str)
}
if (!result)
{
result = calloc(len + 3, 1);
result = calloc(len + 1, 1);
if (!result)
{
fprintf(stderr,
"cannot calloc toHTML string\n");
"cannot calloc escapeHTML string\n");
exit(0);
}
result[0] = '"';
}
}
strcat((char *) result, "\"");
return result;
}

1
webtools/web-sniffer/html.h
View File

@ -51,5 +51,6 @@ void htmlRegister(char *tag, char *attributeName, HTMLHandler handler);
void htmlRegisterTagHandler(HTMLHandler handler);
void htmlRegisterURLHandler(HTMLHandler handler);
unsigned char *toHTML(unsigned char *str);
unsigned char *escapeHTML(unsigned char *str);
#endif /* _HTML_H_ */

8
webtools/web-sniffer/net.c
View File

@ -141,7 +141,7 @@ getSocketAndIPAddress(void *a, unsigned char *hostName, int port,
{
reportTime(REPORT_TIME_GETHOSTBYNAME_FAILURE, &theTime);
reportStatus(a, "gethostbyname_r failed", __FILE__, __LINE__);
viewReport(a, "failed<br><hr>");
fprintf(stdout, "failed<br><hr><br>");
close(sock);
return -1;
}
@ -150,7 +150,7 @@ getSocketAndIPAddress(void *a, unsigned char *hostName, int port,
reportStatus(a, "gethostbyname_r succeeded", __FILE__, __LINE__);
viewReport(a, "succeeded<br><hr>");
fprintf(stdout, "succeeded<br><hr><br>");
MUTEX_LOCK();
dnsCount++;
@ -273,7 +273,7 @@ netConnect(void *a, unsigned char *hostName, int port)
reportStatus(a, "connect failed", __FILE__, __LINE__);
viewReport(a, "failed:");
viewReport(a, strerror(errno) ? strerror(errno) : "NULL");
viewReport(a, "<hr>");
fprintf(stdout, "<hr><br>");
return -1;
}
@ -281,7 +281,7 @@ netConnect(void *a, unsigned char *hostName, int port)
reportStatus(a, "connect succeeded", __FILE__, __LINE__);
viewReport(a, "succeeded<br><hr>");
fprintf(stdout, "succeeded<br><hr><br>");
MUTEX_LOCK();
connectCount++;

3
webtools/web-sniffer/view.c
View File

@ -24,6 +24,7 @@
#include <string.h>
#include "http.h"
#include "html.h"
#include "io.h"
#include "view.h"
@ -227,7 +228,7 @@ viewReport(View *view, char *str)
{
if (verbose)
{
fprintf(view->out, str);
fprintf(view->out, (char *) escapeHTML((unsigned char *) str));
fprintf(view->out, "<br>");
fflush(view->out);
}