crtxcr
/
cgitsb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix potential XSS vulnerability in rename hint 

The file name displayed in the rename hint should be escaped to avoid
XSS. Note that this vulnerability is only applicable when an attacker
has gained push access to the repository.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
Lukas Fleischer 2011-07-22 13:47:19 +02:00 committed by Lars Hjemli
parent 1e25ac5b8f
commit bebe89d7c1
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ui-diff.c
View File

@ -97,10 +97,12 @@ static void print_fileinfo(struct fileinfo *info)
htmlf("</td><td class='%s'>", class);
cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
ctx.qry.sha2, info->new_path, 0);
if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED)
htmlf(" (%s from %s)",
info->status == DIFF_STATUS_COPIED ? "copied" : "renamed",
info->old_path);
if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) {
htmlf(" (%s from ",
info->status == DIFF_STATUS_COPIED ? "copied" : "renamed");
html_txt(info->old_path);
html(")");
}
html("</td><td class='right'>");
if (info->binary) {
htmlf("bin</td><td class='graph'>%ld -> %ld bytes",