| side by side (parent:
1f57e9b
)
Minimal version of Kevin's patch against CVE-2008-2236 (no additional variable $esc_f...
author
Axel Beckert
<xtaran@users.sourceforge.net>
Thu, 2 Oct 2008 01:05:34 +0000
(
01:05
+0000)
committer
Axel Beckert
<xtaran@users.sourceforge.net>
Thu, 2 Oct 2008 01:05:34 +0000
(
01:05
+0000)
blosxom.cgi
diff --git
a/blosxom.cgi
b/blosxom.cgi
index eae39bf4becfc5bef9134b7196dd3769b84ebbc1..44edf47264a4f5e195eb910a2c0a8a7745b397a4 100755
(executable)
--- a/
blosxom.cgi
+++ b/
blosxom.cgi
@@
-2,7
+2,7
@@
# Blosxom
# Author: Rael Dornfest (2002-2003), The Blosxom Development Team (2005-2008)
# Blosxom
# Author: Rael Dornfest (2002-2003), The Blosxom Development Team (2005-2008)
-# Version: 2.1.1 ($Id: blosxom.cgi,v 1.8
3 2008/07/30 22:27:02
xtaran Exp $)
+# Version: 2.1.1 ($Id: blosxom.cgi,v 1.8
4 2008/10/02 01:05:34
xtaran Exp $)
# Home/Docs/Licensing: http://blosxom.sourceforge.net/
# Development/Downloads: http://sourceforge.net/projects/blosxom
# Home/Docs/Licensing: http://blosxom.sourceforge.net/
# Development/Downloads: http://sourceforge.net/projects/blosxom
@@
-214,6
+214,23
@@
if (! ($flavour = param('flav'))) {
}
$flavour ||= $default_flavour;
}
$flavour ||= $default_flavour;
+# Fix XSS in flavour name (CVE-2008-2236)
+$flavour = blosxom_html_escape($flavour);
+
+sub blosxom_html_escape {
+ my $string = shift;
+ my %escape = (
+ '<' => '<',
+ '>' => '>',
+ '&' => '&',
+ '"' => '"',
+ "'" => '''
+ );
+ my $escape_re = join '|' => keys %escape;
+ $string =~ s/($escape_re)/$escape{$1}/g;
+ $string;
+}
+
# Global variable to be used in head/foot.{flavour} templates
$path_info = '';
# Add all @path_info elements to $path_info till we come to one that could be a year
# Global variable to be used in head/foot.{flavour} templates
$path_info = '';
# Add all @path_info elements to $path_info till we come to one that could be a year
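Review bot: `blosxom_html_escape` builds its alternation straight from the hash keys (`my $escape_re = join '|' => keys %escape;`) with no `quotemeta`, so the pattern is only correct because none of the five characters happens to be a regex metacharacter; the next person to add `/` or `.` to the map breaks it silently, and `my $escape_re = join '|', map { quotemeta } keys %escape;` costs nothing. As rendered here the replacement values look identical to their keys (`'<' => '<'`, and `"'" => '''` would not even parse), which is presumably the page decoding `&lt;`/`&#39;` back to characters — worth confirming against the raw blob that the values really are the entity forms, since an identity map would leave CVE-2008-2236 open. Escaping `$flavour` in place means every later use (template lookups, content-type selection, which are outside this hunk) sees the entity-encoded string; that is harmless for these characters, but a stricter allow-list such as `$flavour = $default_flavour unless $flavour =~ /\A[\w-]+\z/;` (constructed example) would reject odd names outright instead of transforming them and is the more defensible shape for a value that also names files. Finally, the sub ends with a bare `$string;` — make it `return $string;` per the file's own explicit-return style.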