mirror/zx2c4.cgit
1
0
Fork 0
mirror of https://git.zx2c4.com/cgit synced 2025-06-28 20:40:22 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix potential XSS vulnerability in rename hint

Browse source 
The file name displayed in the rename hint should be escaped to avoid
XSS. Note that this vulnerability is only applicable when an attacker
has gained push access to the repository.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
Lukas Fleischer 2011-07-22 13:47:19 +02:00 committed by Lars Hjemli
parent 1e25ac5b8f
commit bebe89d7c1
1 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ui-diff.c
View file

@ -97,10 +97,12 @@ static void print_fileinfo(struct fileinfo *info)
htmlf("</td><td class='%s'>", class);
cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
ctx.qry.sha2, info->new_path, 0);
if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED)
htmlf(" (%s from %s)",
info->status == DIFF_STATUS_COPIED ? "copied" : "renamed",
info->old_path);
if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) {
htmlf(" (%s from ",
info->status == DIFF_STATUS_COPIED ? "copied" : "renamed");
html_txt(info->old_path);
html(")");
}
html("</td><td class='right'>");
if (info->binary) {
htmlf("bin</td><td class='graph'>%ld -> %ld bytes",