]> git.pld-linux.org Git - packages/courier.git/blame - courier-webmail-sec_fix.patch
projects / packages / courier.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- BR: courier-authlib-devel >= 0.57
[packages/courier.git] / courier-webmail-sec_fix.patch
CommitLineData
d27a4a36
AA		 1diff -Nur old/webmail/html.c new/webmail/html.c
2--- old/webmail/html.c 2003-10-06 00:16:13.000000000 +0000
3+++ new/webmail/html.c 2005-08-31 21:32:48.117085448 +0000
4@@ -187,9 +187,16 @@
5 if (tai) ++tai->tagvaluelen;
6 }
7 if (*p) p++;
8+ else
9+ {
10+ memset(tagbuf, ' ', strlen(tagbuf));
11+ }
12 }
13 else
14 {
15+ if (c == 0)
16+ memset(tagbuf, ' ', strlen(tagbuf));
17+
18 if (tai)
19 {
20 tai->tagvalue=p;
21@@ -222,6 +229,31 @@
22 while ((p=strchr(tagbuf, '<')) != NULL)
23 *p=' ';
24
25+ for (p=tagbuf; *p; p++)
26+ {
27+ char *q;
28+
29+ if (*p != '&')
30+ continue;
31+
32+ q=p;
33+
34+ ++p;
35+
36+ while (*p)
37+ {
38+ if (strchr("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", *p) == NULL)
39+ break;
40+ ++p;
41+ }
42+
43+ if (*p != ';')
44+ {
45+ *q=0;
46+ }
47+ --p;
48+ }
49+
50 tagattrlen=parseattr(0);
51 if ( tagattrlen > tagattrsize)
52 {
Courier mail server
This page took 0.092256 seconds and 4 git commands to generate.