author | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-01-14 14:28:37 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-01-14 14:28:37 +0100 |
commit | 513b3863d999f91b47d7e9f26710390db55f9463 (patch) | |
tree | f704af1ea3f8da9b3b2904fbe8ed8233278314c6 /html.c | |
parent | ui-shared: Avoid new line injection into redirect header (diff) | |
ui-shared: prevent malicious filename from injecting headers
Diffstat (limited to '')
-rw-r--r-- | html.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/html.c b/html.c
index 959148c..d89df3a 100644
--- a/html.c
+++ b/html.c
@@ -239,6 +239,32 @@ void html_url_arg(const char *txt)
 html(txt);
 }
 
+void html_header_arg_in_quotes(const char *txt)
+{
+ const char *t = txt;
+ while (t && *t) {
+ unsigned char c = *t;
+ const char *e = NULL;
+ if (c == '\\')
+ e = "\\\\";
+ else if (c == '\r')
+ e = "\\r";
+ else if (c == '\n')
+ e = "\\n";
+ else if (c == '"')
+ e = "\\\"";
+ if (e) {
+ html_raw(txt, t - txt);
+ html(e);
+ txt = t + 1;
+ }
+ t++;
+ }
+ if (t != txt)
+ html(txt);
+
+}
+
 void html_hidden(const char *name, const char *value)
 {
 html("<input type='hidden' name='");
|
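Review bot: html_header_arg_in_quotes rewrites only backslash, CR, LF and the double quote, so any other control byte in `txt` (the rest of 0x01–0x1f, and 0x7f) is still written into the header value unchanged. CR and LF are the bytes that terminate a header line, so the injection named in the commit title is covered, but a catch-all branch such as `else if ((c < 0x20 && c != '\t') || c == 0x7f) e = "_";` would keep the output within what a quoted-string allows. The function emits only the escaped content and no quotes of its own, which nothing in the hunk documents; a comment above it such as `/* Escape txt for use inside a double-quoted header parameter; the caller writes the surrounding quotes. */` would make that contract explicit. A client that unescapes quoted-pairs will presumably read `\r` and `\n` as the letters `r` and `n`, so a name containing those bytes is altered rather than preserved, which is worth stating in the same comment. The empty added line before the closing brace can be dropped.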