rasmus Sun May 8 13:24:39 2005 EDT
Modified files:
/php-src/ext/standard info.c
Log:
Fix request_uri XSS on phpinfo() page
http://cvs.php.net/diff.php/php-src/ext/standard/info.c?r1=1.246&r2=1.247&ty=u
Index: php-src/ext/standard/info.c
diff -u php-src/ext/standard/info.c:1.246 php-src/ext/standard/info.c:1.247
--- php-src/ext/standard/info.c:1.246 Sun Feb 27 03:12:12 2005
+++ php-src/ext/standard/info.c Sun May 8 13:24:38 2005
@@ -18,7 +18,7 @@
 +----------------------------------------------------------------------+
 */

-/* $Id: info.c,v 1.246 2005/02/27 08:12:12 pollita Exp $ */
+/* $Id: info.c,v 1.247 2005/05/08 17:24:38 rasmus Exp $ */

 #include "php.h"
 #include "php_ini.h"
@@ -406,7 +406,9 @@
 if (expose_php && !sapi_module.phpinfo_as_text) {
 PUTS("<a href=\"http://www.php.net/\"><img border=\"0\" src=\"");
 if (SG(request_info).request_uri) {
-PUTS(SG(request_info).request_uri);
+char *elem_esc = php_info_html_esc(SG(request_info).request_uri TSRMLS_CC);
+PUTS(elem_esc);
+efree(elem_esc);
 }
 PUTS("?=");
 logo_guid = php_logo_guid();
@@ -592,7 +594,9 @@
 if (expose_php && !sapi_module.phpinfo_as_text) {
 PUTS("<a href=\"http://www.zend.com/\"><img border=\"0\" src=\"");
 if (SG(request_info).request_uri) {
-PUTS(SG(request_info).request_uri);
+char *elem_esc = php_info_html_esc(SG(request_info).request_uri TSRMLS_CC);
+PUTS(elem_esc);
+efree(elem_esc);
 }
 PUTS("?="ZEND_LOGO_GUID"\" alt=\"Zend logo\" /></a>\n");
 }
@@ -611,7 +615,9 @@
 php_info_print_hr();
 PUTS("<h1><a href=\"");
 if (SG(request_info).request_uri) {
-PUTS(SG(request_info).request_uri);
+char *elem_esc = php_info_html_esc(SG(request_info).request_uri TSRMLS_CC);
+PUTS(elem_esc);
+efree(elem_esc);
 }
 PUTS("?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000\">");
 PUTS("PHP Credits");
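Review bot: In the @@ -406 hunk the escaped request_uri is emitted inside a double-quoted `src="..."` attribute, so the fix only closes the hole if php_info_html_esc also encodes `"`; if the helper escapes just `<`, `>` and `&`, a quote in the URI would still terminate the attribute, and the same applies to the `src` and `href` contexts in the @@ -592 and @@ -611 hunks. Worth confirming the helper's quote handling and recording the assumption at the call site, e.g. `/* request_uri is client-controlled; must be attribute-safe before PUTS */`. The identical three-line escape/print/free sequence is now repeated at all three sites, so a small static helper along the lines of `php_info_print_request_uri(TSRMLS_D)` would keep future call sites from reverting to the raw PUTS. The enclosing function begins and ends outside these hunks.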