1
0
mirror of https://github.com/gophernicus/gophernicus.git synced 2024-12-04 14:46:37 -05:00

Fix URI inserting aribitary scripts

Fixes #118
Fixes #117

Encodes characters using html percent encoding.

I hope this is correct, I'm pretty sure it is, but can't be certain
right now.
This commit is contained in:
fosslinux 2024-02-27 22:12:52 +11:00
parent ac249aaeef
commit a00fa5330d
3 changed files with 32 additions and 3 deletions

View File

@ -107,10 +107,13 @@ void send_text_file(state *st)
*/
void url_redirect(state *st)
{
char dest[BUFSIZE];
char unsafe[BUFSIZE];
/* Basic security checking */
sstrlcpy(dest, st->req_selector + 4);
sstrlcpy(unsafe, st->req_selector + 4);
char dest[BUFSIZE];
html_encode(unsafe, dest, BUFSIZE);
if (sstrncmp(dest, "http://") != MATCH &&
sstrncmp(dest, "https://") != MATCH &&

View File

@ -107,6 +107,27 @@ void footer(state *st)
}
}
void html_encode(const char *unsafe, char *dest, int bufsize)
{
char literals[] = "!#$&'()*+,/:;=?@[]-_.~";
int i = 0, j = 0;
while (unsafe[i] != '\0') {
if (j >= bufsize - 5) {
break;
}
if (strchr(literals, unsafe[i]) ||
(unsafe[i] >= 'a' && unsafe[i] <= 'z') ||
(unsafe[i] >= 'A' && unsafe[i] <= 'Z') ||
(unsafe[i] >= '0' && unsafe[i] <= '9')) {
dest[j] = unsafe[i];
i += 1;
j += 1;
} else {
j += snprintf(&dest[j], BUFSIZE - j, "%%%02x", unsafe[i]);
i += 1;
}
}
}
/*
* Print error message & exit
@ -134,13 +155,17 @@ void die(state *st, const char *message, const char *description)
/* Handle HTML errors */
else if (st->req_filetype == TYPE_HTML) {
char safe_message[BUFSIZE];
html_encode(message, safe_message, BUFSIZE);
char safe_description[BUFSIZE];
html_encode(description, safe_description, BUFSIZE);
printf("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n"
"<HTML>\n<HEAD>\n"
" <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html;charset=iso-8859-1\">\n"
" <TITLE>" ERROR_PREFIX "%1$s %2$s</TITLE>\n"
"</HEAD>\n<BODY>\n"
"<STRONG>" ERROR_PREFIX "%1$s %2$s</STRONG>\n"
"<PRE>", message, description);
"<PRE>", safe_message, safe_description);
footer(st);
printf("</PRE>\n</BODY>\n</HTML>\n");
}

View File

@ -446,6 +446,7 @@ void info(state *st, char *str, char type);
void footer(state *st);
void die(state *st, const char *message, const char *description);
void log_combined(state *st, int status);
void html_encode(const char *unsafe, char *dest, int bufsize);
/* file.c */
void send_binary_file(state *st);