[Fedora-directory-commits] adminutil/include/libadminutil admutil.h, 1.6, 1.7
Noriko Hosoi (nhosoi)
fedora-directory-commits at redhat.com
Tue May 15 00:53:35 UTC 2007
Author: nhosoi
Update of /cvs/dirsec/adminutil/include/libadminutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26162/include/libadminutil
Modified Files:
admutil.h
Log Message:
Resolves: #186280
Summary: Close potential security vulnerabilities in CGI code (Comment #30,#31)
Description: Added the code to escape html characters
Index: admutil.h
===================================================================
RCS file: /cvs/dirsec/adminutil/include/libadminutil/admutil.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- admutil.h 4 Apr 2007 19:37:41 -0000 1.6
+++ admutil.h 15 May 2007 00:53:33 -0000 1.7
@@ -429,10 +429,14 @@
/* form_post.c */
PR_IMPLEMENT(char) **get_input_ptr(void);
-/* Unescape an encoded form variable. */
+/* Unescape an %-encoded form variable. */
/* form_post.c */
PR_IMPLEMENT(void) form_unescape(char *str);
+/* Unescape an %-encoded form variable; escape <, >, &, ", ' */
+/* form_post.c */
+PR_IMPLEMENT(char *) form_unescape_url_escape_html(char *str);
+
/* Initialize a form "post" using the GET method. Send this fn the QS
* directly.*/
/* form_post.c */
More information about the Fedora-directory-commits
mailing list