brian 96/05/27 17:35:20
Modified: support unescape.c
Log:
Submitted by: Brian Behlendorf
Obtained from: "[EMAIL PROTECTED]"?
Removed hole through which carriage returns could be passed to shell scripts.
Revision Changes Path
1.2 +1 -1 apache/support/unescape.c
Index: unescape.c
===================================================================
RCS file: /export/home/cvs/apache/support/unescape.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -C3 -r1.1 -r1.2
*** unescape.c 1996/01/14 18:49:49 1.1
--- unescape.c 1996/05/28 00:35:17 1.2
***************
*** 52,58 ****
l=strlen(cmd);
for(x=0;cmd[x];x++) {
! if(ind("&;`'|*?-~<>^()[]{}$\\",cmd[x]) != -1){
for(y=l+1;y>x;y--)
cmd[y] = cmd[y-1];
l++; /* length has been increased */
--- 52,58 ----
l=strlen(cmd);
for(x=0;cmd[x];x++) {
! if(ind("&;`'|*?-~<>^()[]{}$\\\n",cmd[x]) != -1){
for(y=l+1;y>x;y--)
cmd[y] = cmd[y-1];
l++; /* length has been increased */
