From a67a48107f8996a6c753fdd02d15e234dbd17ceb Mon Sep 17 00:00:00 2001 From: Francois Andriot Date: Sat, 1 Jun 2013 18:08:42 +0200 Subject: Fix security issue when displaying certificate informations (CVE-2011-3365) --- tdeioslave/http/http.cc | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'tdeioslave') diff --git a/tdeioslave/http/http.cc b/tdeioslave/http/http.cc index a492221d5..fd7c0bfb5 100644 --- a/tdeioslave/http/http.cc +++ b/tdeioslave/http/http.cc @@ -184,6 +184,27 @@ static TQString sanitizeCustomHTTPHeader(const TQString& _header) return sanitizedHeaders.stripWhiteSpace(); } +static TQString htmlEscape(const TQString &plain) +{ + TQString rich; + rich.reserve(uint(plain.length() * 1.1)); + for (uint i = 0; i < plain.length(); ++i) { + if (plain.at(i) == '<') { + rich += "<"; + } else if (plain.at(i) == '>') { + rich += ">"; + } else if (plain.at(i) == '&') { + rich += "&"; + } else if (plain.at(i) == '"') { + rich += """; + } else { + rich += plain.at(i); + } + } + rich.squeeze(); + return rich; +} + #define NO_SIZE ((TDEIO::filesize_t) -1) @@ -5186,7 +5207,7 @@ void HTTPProtocol::promptInfo( AuthInfo& info ) info.verifyPath = false; info.digestInfo = m_strAuthorization; info.commentLabel = i18n( "Site:" ); - info.comment = i18n("%1 at %2").arg( m_strRealm ).arg( m_request.hostname ); + info.comment = i18n("%1 at %2").arg( htmlEscape(m_strRealm) ).arg( m_request.hostname ); } } else if ( m_responseCode == 407 ) @@ -5203,7 +5224,7 @@ void HTTPProtocol::promptInfo( AuthInfo& info ) info.verifyPath = false; info.digestInfo = m_strProxyAuthorization; info.commentLabel = i18n( "Proxy:" ); - info.comment = i18n("%1 at %2").arg( m_strProxyRealm ).arg( m_proxyURL.host() ); + info.comment = i18n("%1 at %2").arg( htmlEscape(m_strProxyRealm) ).arg( m_proxyURL.host() ); } } } -- cgit v1.2.1