Escape untrusted params
jcameron committed Jun 12, 2017
1 parent cca627a commit a330e91
Showing 1 changed file with 12 additions and 6 deletions.
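--- a/man/view_man.cgi
+++ b/man/view_man.cgi
@@ -43,8 +43,8 @@ SECT: foreach $sec (@sects) {
 }
 }
 if (!$found) {
-print "<p><b>",&text('man_noentry', "<tt>$in{'page'}</tt>"),
-"</b><p>\n";
+print "<p><b>",&text('man_noentry',
+"<tt>".&html_escape($in{'page'})."</tt>"),"</b><p>\n";
 }
 else {
 if (&has_command($config{'man2html_path'})) {
@@ -86,13 +86,19 @@ else {
 $out =~ s/<A HREF="file:[^"]+">([^<]+)<\/a>/$1/ig;
 $out =~ s/<A HREF="view_man.cgi">/<A HREF=\"\">/i;
 }
-&show_view_table(&text('man_header', $in{'page'}, $in{'sec'}),
-$out);
+&show_view_table(
+&text('man_header',
+&html_escape($in{'page'}),
+&html_escape($in{'sec'})),
+$out);
 } else {
 $out =~ s/.\010//g;
 $out =~ s/^(man:\s*)?(re)?formatting.*//i;
-&show_view_table(&text('man_header', $in{'page'}, $in{'sec'}),
-"<pre>".&html_escape($out)."</pre>");
+&show_view_table(
+&text('man_header',
+&html_escape($in{'page'}),
+&html_escape($in{'sec'})),
+"<pre>".&html_escape($out)."</pre>");
 }
 }
 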
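Review bot: The expression `&html_escape($in{'page'})` is now repeated at three output sites across both hunks (plus `&html_escape($in{'sec'})` twice), so a future output site is easy to leave unescaped; escaping once into lexicals near the top of the file, `my $page_esc = &html_escape($in{'page'});` and `my $sec_esc = &html_escape($in{'sec'});`, and using those at every call site would keep the escaping in one place. On the man2html branch `$out` is deliberately passed to show_view_table unescaped, unlike the plain-text branch where it is wrapped in `&html_escape`; a one-line comment there, `# $out is already HTML from man2html; only the header params need escaping`, would stop a later reader from treating the asymmetry as an oversight. Whether `$in{'page'}` and `$in{'sec'}` are validated before they reach the man/man2html invocation is outside these hunks and not addressed by this commit. The if/else that encloses the second hunk begins before it.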
