commit 9575fc812c983ac82179b7478a91e5982be1baed
parent 97076d0cdadce963be63a40c2107012155627b83
Author: ukai <ukai>
Date: Tue, 26 Nov 2002 16:58:48 +0000
w3m 0.3.2.1 security fix
* frame.c (createFrameFile): html_quote()
From: Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
Diffstat:
2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/ChangeLog b/ChangeLog
@@ -1,5 +1,10 @@
2002-11-27 Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
+ * w3m 0.3.2.1 security fix
+ * frame.c (createFrameFile): html_quote()
+
+2002-11-27 Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
+
* [w3m-dev 03486] fix of displayLineInfo
* display.c (displayBuffer): don't divide by 0
diff --git a/frame.c b/frame.c
@@ -519,14 +519,15 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
frame.body->attr = F_UNLOADED;
if (frame.body->flags & FB_NO_BUFFER)
fprintf(f1, "Open %s with other method",
- frame.body->url);
+ html_quote(frame.body->url));
else if (frame.body->url)
- fprintf(f1, "Can't open %s", frame.body->url);
+ fprintf(f1, "Can't open %s",
+ html_quote(frame.body->url));
else
fprintf(f1,
"This frame (%s) contains no src attribute",
- frame.body->name ? frame.body->
- name : "(no name)");
+ frame.body->name ? html_quote(frame.body->name)
+ : "(no name)");
break;
}
parseURL2(frame.body->url, &base, currentURL);
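Review bot: The FB_NO_BUFFER branch now passes `frame.body->url` to `html_quote()` without the NULL test that the next branch applies (`else if (frame.body->url)`), while the name branch in this same hunk is guarded. html_quote() is not shown in this diff, but if it walks its argument as a C string, a frame with FB_NO_BUFFER set and no url would become a NULL dereference; the old `%s` of a NULL pointer was at worst libc-dependent. Guarding it the same way would close the gap: `html_quote(frame.body->url ? frame.body->url : "")`. createFrameFile starts and ends outside this hunk, so whether url can be NULL here should be confirmed against the code that sets FB_NO_BUFFER.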
@@ -620,7 +621,7 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
/* prohibit_tags */
Strshrinkfirst(tok, 1);
Strshrink(tok, 1);
- fprintf(f1, "<!-- %s -->", tok->ptr);
+ fprintf(f1, "<!-- %s -->", html_quote(tok->ptr));
goto token_end;
case HTML_TABLE:
t_stack++;
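Review bot: The `<!-- %s -->` sites quote `tok->ptr` with no comment explaining why text inside an HTML comment needs quoting; this applies here and in the hunks at old lines 633 and 653. The reason is worth recording at the first site so a later cleanup does not drop the call as redundant. The token appears to come from the page being rendered, and a `-->` inside it would close the comment and let the remainder through as live markup in the generated frame file. Suggested comment above the fprintf: `/* tok is page-supplied: quote it so an embedded "-->" cannot end this comment */`. This assumes html_quote() escapes `>`, which is not visible in this diff.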
@@ -633,7 +634,7 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
Strshrink(tok, 1);
fprintf(f1,
"<!-- table stack underflow: %s -->",
- tok->ptr);
+ html_quote(tok->ptr));
goto token_end;
}
break;
@@ -653,7 +654,8 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
if (!t_stack) {
Strshrinkfirst(tok, 1);
Strshrink(tok, 1);
- fprintf(f1, "<!-- %s -->", tok->ptr);
+ fprintf(f1, "<!-- %s -->",
+ html_quote(tok->ptr));
goto token_end;
}