ui-plain.c: fix html and links generated by print_dir() and print_dir_entry() - cgit-pink

diff options

author	Lars Hjemli <hjemli@gmail.com>	2011-06-12 20:49:35 +0000
committer	Lars Hjemli <hjemli@gmail.com>	2011-06-12 21:21:30 +0000
commit	7f88d20823ad9d375900657334bc27793860f6ee (patch)
tree	c9f9a0048cae2d94e97138e9ea82e2a103b215ad /filters/html-converters
parent	scan-tree.c: avoid memory leak (diff)
download	cgit-pink-7f88d20823ad9d375900657334bc27793860f6ee.tar.gz cgit-pink-7f88d20823ad9d375900657334bc27793860f6ee.zip

ui-plain.c: fix html and links generated by print_dir() and print_dir_entry()

This patch fixes the following issues:
* the base argument usually isn't zero-terminated, so printing base
  without considering baselen will usually generate random garbage
* when the current url represents a directory but doesn't end in a slash,
  relative urls would be incorrect
* using unescaped paths allows XSS

Signed-off-by: Lars Hjemli <hjemli@gmail.com>

Diffstat (limited to 'filters/html-converters')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: