author | Lukasz Janyst | 2011-03-05 14:10:55 +0100 |
committer | Lars Hjemli | 2011-03-05 14:13:06 +0100 |
commit | 7f3c6e0ce9b41142cf2707af100992acdce059df (patch) | |
tree | 119a1920c85adcc65017afc8d9d95ab3e2bafef4 | |
parent | Merge branch 'stable' (diff) | |
ui-diff.c: avoid html injection
When path-filtering was used in commit-view, the path filter was included without proper html escaping. This patch closes the hole. Signed-off-by: Lukasz Janyst <ljanyst@cern.ch> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r-- | ui-diff.c | 7 |
1 files changed, 5 insertions, 2 deletions
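--- a/ui-diff.c
+++ b/ui-diff.c
@@ -172,8 +172,11 @@ void cgit_print_diffstat(const unsigned char *old_sha1,
 html("<div class='diffstat-header'>");
 cgit_diff_link("Diffstat", NULL, NULL, ctx.qry.head, ctx.qry.sha1,
 ctx.qry.sha2, NULL, 0);
-if (prefix)
-htmlf(" (limited to '%s')", prefix);
+if (prefix) {
+html(" (limited to '");
+html_txt(prefix);
+html("')");
+}
 html(" (");
 ctx.qry.context = (save_context > 0 ? save_context : 3) << 1;
 cgit_self_link("more", NULL, NULL, &ctx);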
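Review bot: The new `html_txt(prefix)` call is correct for this spot only because `prefix` lands in text content between two literal quote characters, not inside an HTML attribute; that context decision is invisible in the code and deserves a comment so the next edit does not move the value into an attribute and keep the same escaper, e.g. `/* prefix is the request's path filter (untrusted); rendered as text, so html_txt is the right escaper */` above the `html_txt(prefix);` line. The replaced `htmlf(" (limited to '%s')", prefix)` shows the general hazard of `htmlf` with `%s`: it formats without escaping, so any other `htmlf` in this file that interpolates a request-derived string would have the same injection, which is worth checking as a follow-up rather than assumed fixed here. cgit_print_diffstat begins before this hunk and continues after it.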