From a5ead0b9c9e8dff8a66b3aed61145bd454d13e2b Mon Sep 17 00:00:00 2001
From: NotsoanoNimus <github@xmit.xyz>
Date: Tue, 30 May 2023 21:32:29 -0400
Subject: [PATCH] Escape Raw HTML in Outputs

https://xmit.xyz/security/dmarcd-for-death/
---
 dmarcts-report-viewer-report-data.php | 5 +++--
 dmarcts-report-viewer.php             | 4 ++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/dmarcts-report-viewer-report-data.php b/dmarcts-report-viewer-report-data.php
index 00f1a68..9fe3745 100644
--- a/dmarcts-report-viewer-report-data.php
+++ b/dmarcts-report-viewer-report-data.php
@@ -55,8 +55,9 @@ function tmpl_reportData($reportnumber, $reports, $host_lookup = 1) {
 
 	if (isset($reports[$reportnumber])) {
 		$row = $reports[$reportnumber];
-
+		
 		$row['raw_xml'] = formatXML($row['raw_xml'], $reportnumber);
+		$row = array_map('html_escape', $row);
 
 		$reportdata[] = "<div id='report_desc_container' class='center reportdesc_container'>";
 		$reportdata[] = "<div id='report_desc' class='center reportdesc'  class='hilighted' onmouseover='highlight(this);' onmouseout='unhighlight(this);' onclick='pin(this)'>Report from ".$row['org']." for ".$row['domain']."<br>". format_date($row['mindate'], $cookie_options['date_format']). " to ".format_date($row['maxdate'], $cookie_options['date_format'])."<br> Policies: adkim=" . $row['policy_adkim'] . ", aspf=" . $row['policy_aspf'] .  ", p=" . $row['policy_p'] .  ", sp=" . $row['policy_sp'] .  ", pct=" . $row['policy_pct'] . "</div>";
@@ -151,7 +152,7 @@ function tmpl_reportData($reportnumber, $reports, $host_lookup = 1) {
 		$row = array_map('html_escape', $row);
 
 		$reportdata[] = "    <tr id='line" . $row['id'] . "' class='" . get_dmarc_result($row)['color'] . "' title='DMARC Result: " . get_dmarc_result($row)['result'] . "'  onmouseover='highlight(this);' onmouseout='unhighlight(this);' onclick='pin(this);'>";
-		$reportdata[] = "      <td>". $ip. "</td>";
+		$reportdata[] = "      <td>". htmlspecialchars($ip) . "</td>";
 		if ( $host_lookup ) {
 			$reportdata[] = "      <td>". gethostbyaddr($ip). "</td>";
 		} else {
diff --git a/dmarcts-report-viewer.php b/dmarcts-report-viewer.php
index 7b42cc6..e93e81e 100644
--- a/dmarcts-report-viewer.php
+++ b/dmarcts-report-viewer.php
@@ -148,7 +148,7 @@ function html ($domains = array(), $orgs = array(), $periods = array() ) {
 		$html[] = "<option " . ( $cookie_options['Domain'] ? "" : "selected=\"selected\" " ) . "value=\"all\">[all]</option>";
 
 		foreach( $domains as $d) {
-			$html[] = "<option " . ( $cookie_options['Domain'] == $d ? "selected=\"selected\" " : "" ) . "value=\"$d\">$d</option>";
+			$html[] = "<option " . ( $cookie_options['Domain'] == $d ? "selected=\"selected\" " : "" ) . "value=\"".htmlspecialchars($d)."\">".htmlspecialchars($d)."</option>";
 		}
 
 		$html[] = "</select>";
@@ -164,7 +164,7 @@ function html ($domains = array(), $orgs = array(), $periods = array() ) {
 		$html[] = "<option " . ( $cookie_options['Organisation'] ? "" : "selected=\"selected\" " ) . "selected=\"selected\" value=\"all\">[all]</option>";
 
 		foreach( $orgs as $o) {
-			$html[] = "<option " . ( $cookie_options['Organisation'] == $o ? "selected=\"selected\" " : "" ) . "value=\"$o\">" . ( strlen( $o ) > 25 ? substr( $o, 0, 22) . "..." : $o ) . "</option>";
+			$html[] = "<option " . ( $cookie_options['Organisation'] == $o ? "selected=\"selected\" " : "" ) . "value=\"".htmlspecialchars($o)."\">" . ( strlen( $o ) > 25 ? htmlspecialchars(substr( $o, 0, 22)) . "..." : htmlspecialchars($o) ) . "</option>";
 		}
 
 		$html[] = "</select>";