aniani/icecast-server
1
0
Fork 0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2024-12-04 14:46:30 -05:00
Code

Fix invalid entities in listclient xml

Browse Source 
This fixes a bug where listener Referer or User-Agent strings containing
a sequence like `&T;` was not escaped properly and therefore made the
whole XML document invalid.
Injecting new XML nodes (<foo></foo>) was not possible, it seems in the
worse case all it could cause was that the XML failed to parse.

Fix #2255
This commit is contained in:
Marvin Scholz 2016-02-08 23:02:02 +01:00
parent 235527192c
commit d739c65e54
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/admin.c
View File

@ -680,20 +680,20 @@ static inline xmlNodePtr __add_listener(client_t *client,
tmp = httpp_getvar(client->parser, "user-agent");
if (tmp)
xmlNewChild(node, NULL, XMLSTR(mode == OMODE_LEGACY ? "UserAgent" : "useragent"), XMLSTR(tmp));
xmlNewTextChild(node, NULL, XMLSTR(mode == OMODE_LEGACY ? "UserAgent" : "useragent"), XMLSTR(tmp));
tmp = httpp_getvar(client->parser, "referer");
if (tmp)
xmlNewChild(node, NULL, XMLSTR("referer"), XMLSTR(tmp));
xmlNewTextChild(node, NULL, XMLSTR("referer"), XMLSTR(tmp));
snprintf(buf, sizeof(buf), "%lu", (unsigned long)(now - client->con->con_time));
xmlNewChild(node, NULL, XMLSTR(mode == OMODE_LEGACY ? "Connected" : "connected"), XMLSTR(buf));
if (client->username)
xmlNewChild(node, NULL, XMLSTR("username"), XMLSTR(client->username));
xmlNewTextChild(node, NULL, XMLSTR("username"), XMLSTR(client->username));
if (client->role)
xmlNewChild(node, NULL, XMLSTR("role"), XMLSTR(client->role));
xmlNewTextChild(node, NULL, XMLSTR("role"), XMLSTR(client->role));
#ifdef HAVE_OPENSSL
xmlNewChild(node, NULL, XMLSTR("tls"), XMLSTR(client->con->ssl ? "true" : "false"));