authoralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-04-10 18:48:56 +0000
committeralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-04-10 18:48:56 +0000
commit069c6d0dcfdf06660a7984d12bc3afb07d272373 (patch)
treecf03ad5632bcf14085d983784060898ce5091917
parent3ea60be8a53cbe26857bb0843368c7f4b38ffb36 (diff)
downloadpki-069c6d0dcfdf06660a7984d12bc3afb07d272373.tar.gz
pki-069c6d0dcfdf06660a7984d12bc3afb07d272373.tar.xz
pki-069c6d0dcfdf06660a7984d12bc3afb07d272373.zip
Bugzilla Bug #223353 - Values entered through web ui are not checked/escaped
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@381 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
-rw-r--r--pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java25
-rw-r--r--pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java4
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java25
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java29
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java3
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java3
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java16
-rw-r--r--pki/base/tps/src/modules/tokendb/mod_tokendb.cpp33
-rw-r--r--pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java6
-rw-r--r--pki/dogtag/ca-ui/dogtag-pki-ca-ui.spec4
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileProcess.template13
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileReview.template12
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/displayBySerial.template10
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/queryReq.template9
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/reasonToRevoke.template9
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/srchCert.template9
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/displayBySerial.template9
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/queryCert.template9
-rw-r--r--pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/srchCert.template13
-rw-r--r--pki/dogtag/common/pki-common.spec4
-rw-r--r--pki/dogtag/tps/pki-tps.spec4
-rw-r--r--pki/dogtag/util/pki-util.spec4
22 files changed, 200 insertions, 53 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
index 8b764eb97..098be45dd 100644
--- a/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
+++ b/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
@@ -742,4 +742,29 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
}
return p.substitute2("request", attrSet);
}
+
+ protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape)
+ {
+ StringBuffer result = new StringBuffer();
+
+ // Do we need to escape any characters
+ for (int i = 0; i < v.length(); i++) {
+ int c = v.charAt(i);
+ if (c == ',' || c == '=' || c == '+' || c == '<' ||
+ c == '>' || c == '#' || c == ';' || c == '\r' ||
+ c == '\n' || c == '\\' || c == '"') {
+ result.append('\\');
+ if (doubleEscape) result.append('\\');
+ }
+ if (c == '\r') {
+ result.append("0D");
+ } else if (c == '\n') {
+ result.append("0A");
+ } else {
+ result.append((char)c);
+ }
+ }
+ return result;
+ }
+
}
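Review bot: `escapeValueRfc1779` dereferences `v` without a null guard, so a null value reaching `v.length()` throws NullPointerException instead of yielding an empty buffer; add `if (v == null) return new StringBuffer();` at the top, or document that callers must pre-check. The method also carries no Javadoc: a short header stating that it backslash-escapes the RFC 1779 special characters, renders CR/LF as `\0D`/`\0A`, and that `doubleEscape` emits a second backslash for values that will be embedded in a further escaped context would spare the next reader from reverse-engineering it. The byte-identical method is added to CMSServlet in this same commit; one static helper in a shared utility class would keep the two copies from drifting.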
diff --git a/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
index ca33ca6e1..a53b98fa3 100644
--- a/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
+++ b/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
@@ -415,8 +415,8 @@ ldapInit();
if (la != null) {
String[] sla = la.getStringValueArray();
CMS.debug("nsTokenUserKeySubjectNameDefault: getSubjectName(): got attribute: "+mLdapStringAttrs[i]+
- "=" +sla[0]);
- request.setExtData(mLdapStringAttrs[i], sla[0]);
+ "=" + escapeValueRfc1779(sla[0], false).toString());
+ request.setExtData(mLdapStringAttrs[i], escapeValueRfc1779(sla[0], false).toString());
}
}
//cfu
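Review bot: The value stored via `request.setExtData` is now the RFC 1779-escaped form of the directory attribute, so any consumer that reads this ext data for something other than composing a DN (display, logging, comparison against the raw LDAP value) will see backslashes that are not in the directory; a comment at the `setExtData` call such as `// stored DN-escaped: intended for subject-name pattern substitution` would make that contract explicit, assuming that is indeed the consumer. `sla[0]` is indexed without checking the array is non-empty, which predates this change but is now also the argument to the escape helper. The enclosing method starts and ends outside the hunk.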
diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
index 1f1daec25..dceb44239 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
@@ -2122,5 +2122,30 @@ public abstract class CMSServlet extends HttpServlet {
CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", ee.toString()));
}
}
+
+ protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape)
+ {
+ StringBuffer result = new StringBuffer();
+
+ // Do we need to escape any characters
+ for (int i = 0; i < v.length(); i++) {
+ int c = v.charAt(i);
+ if (c == ',' || c == '=' || c == '+' || c == '<' ||
+ c == '>' || c == '#' || c == ';' || c == '\r' ||
+ c == '\n' || c == '\\' || c == '"') {
+ result.append('\\');
+ if (doubleEscape) result.append('\\');
+ }
+ if (c == '\r') {
+ result.append("0D");
+ } else if (c == '\n') {
+ result.append("0A");
+ } else {
+ result.append((char)c);
+ }
+ }
+ return result;
+ }
+
}
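Review bot: `doubleEscape` emits `\\` before each special character, but the only caller in this commit (`SrchCerts.buildAVAFilter`) embeds the result in an LDAP search filter, where RFC 2254 represents a literal backslash as `\5c`, not `\\`; whether the directory server accepts the doubled form should be confirmed and recorded in a Javadoc on the flag, e.g. `@param doubleEscape emit a second backslash so the value survives a further escaped context (LDAP filter)`. This method is byte-for-byte the same as the one added to EnrollDefault in this commit; a single static helper shared by both would avoid divergence. A null `v` throws at `v.length()`.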
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java b/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
index cd51dd659..409a12754 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
@@ -195,29 +195,6 @@ public class SrchCerts extends CMSServlet {
}
}
- private StringBuffer escapeValueRfc1779(String v)
- {
- StringBuffer result = new StringBuffer();
-
- // Do we need to escape any characters
- for (int i = 0; i < v.length(); i++) {
- int c = v.charAt(i);
- if (c == ',' || c == '=' || c == '+' || c == '<' ||
- c == '>' || c == '#' || c == ';' || c == '\r' ||
- c == '\n' || c == '\\' || c == '"') {
- result.append('\\');
- }
- if (c == '\r') {
- result.append("0D");
- } else if (c == '\n') {
- result.append("0A");
- } else {
- result.append((char)c);
- }
- }
- return result;
- }
-
private void buildAVAFilter(HttpServletRequest req, String paramName,
String avaName, StringBuffer lf, String match)
{
@@ -228,12 +205,12 @@ public class SrchCerts extends CMSServlet {
lf.append("(x509cert.subject=*");
lf.append(avaName);
lf.append("=");
- lf.append(escapeValueRfc1779(val));
+ lf.append(escapeValueRfc1779(val, true));
lf.append(",*)");
lf.append("(x509cert.subject=*");
lf.append(avaName);
lf.append("=");
- lf.append(escapeValueRfc1779(val));
+ lf.append(escapeValueRfc1779(val, true));
lf.append(")");
lf.append(")");
} else {
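Review bot: `escapeValueRfc1779(val, true)` escapes the DN special characters but not the LDAP filter metacharacters, so a `val` containing `(`, `)`, `*` or NUL is appended to the `(x509cert.subject=...)` filter verbatim; a `)` can close the assertion early and change the filter's structure (filter injection), and `*` turns the intended exact-match clause into a wildcard. The value should additionally be escaped per RFC 2254 (`\28`, `\29`, `\2a`, `\00`, and `\5c` for the backslashes the DN escaping itself introduces) before it is appended to `lf`. `val`'s origin and any validation it receives are outside the hunk, so this assumes it is request-supplied.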
@@ -241,7 +218,7 @@ public class SrchCerts extends CMSServlet {
lf.append(avaName);
lf.append("=");
lf.append("*");
- lf.append(escapeValueRfc1779(val));
+ lf.append(escapeValueRfc1779(val, true));
lf.append("*)");
}
}
diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
index 8d6166dbd..947ba42a9 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
@@ -372,7 +372,7 @@ public class CMSTemplate extends CMSFile {
for (int i = 0; i < l; i++) {
char c = in[i];
- if (c > 0x23) {
+ if ((c > 0x23) && (c!= 0x5c)) {
out[j++] = c;
continue;
}
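Review bot: Excluding `0x5c` from the fast path only achieves anything if the escape logic below the hunk has a case that emits `\\` for the backslash; that switch is outside the hunk and should be confirmed, otherwise the backslash is merely copied by a slower route. Writing the test as `c != '\\'` and adding `// backslash must fall through to the escaping switch below` would make the intent readable. The enclosing method starts and ends outside the hunk.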
@@ -407,6 +407,7 @@ public class CMSTemplate extends CMSFile {
out[j++] = c;
}
}
+ String ret = new String(out,0,j);
return new String(out, 0, j);
}
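Review bot: The added local `String ret = new String(out,0,j);` is never used — the very next line builds the same String again and returns it — so this is a dead allocation that looks like a leftover from debugging; either `return ret;` or drop the added line.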
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java
index ff4c8d7bf..3c13eda56 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java
@@ -328,7 +328,8 @@ public class ProfileServlet extends CMSServlet {
for (int i = 0; i < l; i++) {
char c = in[i];
- if (c > 0x23) {
+ /* presumably this gives better performance */
+ if ((c > 0x23) && (c != 0x5c)) {
out[j++] = c;
continue;
}
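Review bot: The new comment `/* presumably this gives better performance */` describes the pre-existing fast-path test rather than the change made here, and leaves the reason for the `c != 0x5c` exclusion undocumented; replace it with something like `// backslash must not take the fast path: it is escaped below`. As in CMSTemplate, the branch that actually emits the escaped backslash is outside the hunk and should be confirmed to exist. The same escaping loop now lives in two servlet classes; a single shared helper would be easier to keep consistent.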
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
index 894ecd49d..6a5263fcf 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
@@ -107,9 +107,13 @@ public class ProfileSubmitServlet extends ProfileServlet {
while (inputNames.hasMoreElements()) {
String inputName = (String) inputNames.nextElement();
-
if (request.getParameter(inputName) != null) {
- ctx.set(inputName, request.getParameter(inputName));
+ // all subject name parameters start with sn_, no other input parameters do
+ if (inputName.matches("^sn_.*")) {
+ ctx.set(inputName, escapeValueRfc1779(request.getParameter(inputName), false).toString());
+ } else {
+ ctx.set(inputName, request.getParameter(inputName));
+ }
}
}
}
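Review bot: `inputName.matches("^sn_.*")` compiles a fresh regex for every parameter on every submission; `inputName.startsWith("sn_")` is equivalent here and states the intent directly. The comment asserts that all and only subject-name inputs carry the `sn_` prefix, but nothing visible enforces that convention — a subject-name input with a different prefix would be stored unescaped — so the convention should be documented where profile inputs are defined, or the decision based on the input's declared type rather than its name. The enclosing method extends beyond the hunk.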
@@ -306,7 +310,12 @@ public class ProfileSubmitServlet extends ProfileServlet {
String inputName = (String) inputNames.nextElement();
if (request.getParameter(inputName) != null) {
- req.setExtData(inputName, request.getParameter(inputName));
+ // special characters in subject names parameters must be escaped
+ if (inputName.matches("^sn_.*")) {
+ req.setExtData(inputName, escapeValueRfc1779(request.getParameter(inputName), false).toString());
+ } else {
+ req.setExtData(inputName, request.getParameter(inputName));
+ }
}
}
}
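Review bot: This `sn_` check-and-escape block is a copy of the one added earlier in the same file on the `ctx.set` path; a small private helper, e.g. `private String escapeIfSubjectName(String name, String value)`, called from both places would keep the two in step, and `startsWith("sn_")` would replace the per-call regex in `matches("^sn_.*")`. The enclosing method extends beyond the hunk.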
@@ -351,7 +360,6 @@ public class ProfileSubmitServlet extends ProfileServlet {
}
-
private void setOutputIntoArgs(IProfile profile, ArgList outputlist, Locale locale, IRequest req) {
Enumeration outputIds = profile.getProfileOutputIds();
diff --git a/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp b/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp
index 8ac1fa8db..aa5487948 100644
--- a/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp
+++ b/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp
@@ -547,6 +547,32 @@ char *getData( char *fileName, char *injection )
return buf;
}
+/**
+ * returns string with special characters escaped. Caller must free the contents
+ */
+char *escapeSpecialChars(char* src)
+{
+ char *ret;
+ int i =0;
+
+ if (PL_strlen(src) == 0) {
+ return PL_strdup(src);
+ }
+ ret = (char *)PR_Malloc(PL_strlen(src) * 2 + 1);
+
+ while (*src != '\0') {
+ if (*src == '"') {
+ ret[i++] = '\\';
+ ret[i++] = '"';
+ } else {
+ ret[i++] = *src;
+ }
+ src++;
+ }
+ ret[i]='\0';
+ return ret;
+}
+
void getCertificateFilter( char *filter, char *query )
{
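Review bot: `escapeSpecialChars` escapes only `"` and not the backslash, so a value ending in `\` followed by the closing `"` the caller appends yields `\"`, which keeps the quoted string open in the context this is injected into — the breakout the function exists to prevent is still reachable, and CR/LF are not handled either. The `PR_Malloc` result is also written to unchecked. The rewrite below escapes both characters and fails cleanly on allocation failure; `src` could additionally be declared `const char *`.

```cpp
ret = (char *)PR_Malloc(PL_strlen(src) * 2 + 1);
if (ret == NULL) {
    return NULL;
}

while (*src != '\0') {
    // a trailing unescaped '\' would neutralise the caller's closing quote
    if (*src == '"' || *src == '\\') {
        ret[i++] = '\\';
    }
    ret[i++] = *src;
    src++;
}
// … unchanged: terminator and return …
```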
@@ -4119,7 +4145,12 @@ mod_tokendb_handler( request_rec *rq )
PL_strcat( injection, "\"" );
}
- PL_strcat( injection, vals[i] );
+ // make sure to escape any special characters
+ char *escaped = escapeSpecialChars(vals[i]);
+ PL_strcat( injection, escaped );
+ if (escaped != NULL) {
+ PL_strfree(escaped);
+ }
}
if( i > v_start ) {
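Review bot: `escaped` is passed to `PL_strcat` before the `escaped != NULL` test, so the null check guards only the free and not the use; test it (and handle the allocation failure) before the concatenation. The escaped string can be up to twice the length of `vals[i]`, and `injection` is sized outside this hunk, so its allocation must account for that growth or `PL_strcat` will overrun it — please confirm. A short comment naming the target context (the value is wrapped in `"` on the line above, which looks like a JavaScript string literal) would also explain why quotes are the character being escaped.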
diff --git a/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java b/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java
index 68deca82f..e75947a8d 100644
--- a/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java
+++ b/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java
@@ -758,7 +758,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter
if (specialChars.indexOf(valueStr.charAt(i)) != -1) {
retval.append('\\');
retval.append(valueStr.charAt(i));
- }
+ } else
+ if (valueStr.charAt(i) == '"') {
+ retval.append('\\');
+ retval.append(valueStr.charAt(i));
+ }
else
retval.append(valueStr.charAt(i));
}
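Review bot: The new `"` case duplicates the body of the `specialChars` branch instead of extending its condition, and the `} else` / `if` split across two lines reads as a dangling else; `if (specialChars.indexOf(valueStr.charAt(i)) != -1 || valueStr.charAt(i) == '"')` (or adding `"` to `specialChars` where it is defined, outside the hunk) expresses the same thing in one branch. A comment explaining why the quote is handled separately from the other special characters would help the next reader. The enclosing method starts and ends outside the hunk.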
diff --git a/pki/dogtag/ca-ui/dogtag-pki-ca-ui.spec b/pki/dogtag/ca-ui/dogtag-pki-ca-ui.spec
index 0b28556c4..c73a62422 100644
--- a/pki/dogtag/ca-ui/dogtag-pki-ca-ui.spec
+++ b/pki/dogtag/ca-ui/dogtag-pki-ca-ui.spec
@@ -34,7 +34,7 @@
## Package Header Definitions
%define base_name %{base_ui_prefix}-%{base_prefix}-%{base_component}
%define base_version 1.1.0
-%define base_release 1
+%define base_release 2
%define base_group System Environment/Base
%define base_vendor Red Hat, Inc.
%define base_license GPLv2 with exceptions
@@ -222,6 +222,8 @@ rm -rf ${RPM_BUILD_ROOT}
###############################################################################
%changelog
+* Fri Apr 10 2009 Ade Lee <alee@redhat.com> 1.1.0-2
+- Bugzilla Bug #223353 - Values entered through web ui are not checked/escaped
* Sat Apr 4 2009 Matthew Harmsen <mharmsen@redhat.com> 1.1.0-1
- Version update to Dogtag 1.1.0.
* Tue Mar 31 2009 Andrew Wnuk <awnuk@redhat.com> 1.0.0-13
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileProcess.template b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileProcess.template
index baedde6a3..5d9c5a051 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileProcess.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileProcess.template
@@ -18,7 +18,15 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<CMS_TEMPLATE>
+
<script type="text/javascript">
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
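Review bot: `addEscapes` rewrites only `<` and `>`, so an `&` in the value still reaches the HTML raw and the browser decodes any entity-like text that follows (`&lt;` inside a subject would render as `<`), and `"` is untouched, which matters if the result is ever placed in an attribute; escape `&` first (`str.replace(/&/g, "&amp;")`) and add `"` → `&quot;`. The identical function is pasted into nine templates in this commit; a shared script file would be easier to keep correct. `str.replace` also throws if the value is null or undefined, and the callers in this template do not guard for that.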
document.writeln('<font size="+1" face="PrimaSans BT, Verdana, sans-serif">Request ');
document.writeln(requestId);
document.writeln('<br></font>');
@@ -30,6 +38,7 @@ document.writeln('<br></font>');
</tr>
</table>
<p>
+
<script type="text/javascript">
document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">');
document.writeln('<b>Request Information:</b>');
@@ -139,10 +148,10 @@ for (var i = 0; i < outputListSet.length; i++) {
document.writeln('</tr>');
document.writeln('<td>');
if (outputListSet[i].outputSyntax == 'string') {
- document.writeln(outputListSet[i].outputVal);
+ document.writeln(addEscapes(outputListSet[i].outputVal));
} else if (outputListSet[i].outputSyntax == 'pretty_print') {
document.writeln('<pre>');
- document.writeln(outputListSet[i].outputVal);
+ document.writeln(addEscapes(outputListSet[i].outputVal));
document.writeln('</pre>');
}
document.writeln('</td>');
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileReview.template b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileReview.template
index ca402f3f6..4ce5cbd09 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileReview.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/ProfileReview.template
@@ -25,8 +25,16 @@ TABLE { border-spacing: 0 0; }
<script type="text/javascript">
function escapeValue(value)
{
- return value.replace('"','&quot;');
+ return value.replace(/"/g,'&quot;');
}
+
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
document.writeln('<font size="+1" face="PrimaSans BT, Verdana, sans-serif">Request ');
document.writeln(requestId);
document.writeln('<br></font>');
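Review bot: `escapeValue` (attribute context, `"` only) and `addEscapes` (text context, `<`/`>` only) are each partial: neither touches `&`, and text passed through `addEscapes` is still unsafe if it lands in an attribute. One `escapeHtml` that converts `&`, `<`, `>`, `"` and `'` — ampersand first — would serve both call sites and remove the need to pick the right helper per context. The `/g` fix to `escapeValue` is correct; without it only the first quote was replaced.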
@@ -230,7 +238,7 @@ document.writeln('</FONT>');
document.writeln('</td>');
document.writeln('<td>');
document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">');
- document.writeln(inputListSet[i].inputVal);
+ document.writeln(addEscapes(inputListSet[i].inputVal));
document.writeln('</FONT>');
document.writeln('</td>');
document.writeln('</tr>');
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/displayBySerial.template b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/displayBySerial.template
index d6f0e49e1..ce57fe591 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/displayBySerial.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/displayBySerial.template
@@ -75,6 +75,14 @@ function doReload()
document.reloadForm.submit();
}
}
+
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
//-->
</SCRIPT>
@@ -105,7 +113,7 @@ Certificate contents</font></td></tr></table>
<pre>
<SCRIPT type="text/javascript">
-document.write(result.header.certPrettyPrint);
+document.write(addEscapes(result.header.certPrettyPrint));
</SCRIPT>
</pre>
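Review bot: `certPrettyPrint` is written inside `<pre>` with only `<` and `>` rewritten, so an `&` in any printed field (a subject or SAN containing entity-like text such as `&lt;`) is still decoded by the browser rather than shown literally; `addEscapes` should replace `&` with `&amp;` before handling `<`/`>`. The escaper is defined in the hunk above and is a copy of the one added to several other templates in this commit.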
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/queryReq.template b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/queryReq.template
index 1bee88abe..44756803a 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/queryReq.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/queryReq.template
@@ -164,6 +164,13 @@ function addSpaces(str)
return outStr;
}
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
function renderDetailsButtonForProfile(serialNumber)
{
return '<form method=post '+
@@ -302,7 +309,7 @@ function displayRequest(i, req)
document.write("<TD colspan=2>\n"+
"<div class='subject'><font size=-1 face=\"PrimaSans BT, Verdana, sans-serif\">\n"+
link+
- addSpaces(req.subject) + "</a></font></div></td></tr>\n");
+ addSpaces(addEscapes(req.subject)) + "</a></font></div></td></tr>\n");
} else {
document.write("<TD></TD><TD></TD></tr>\n");
}
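Review bot: Only `req.subject` is escaped here, while `link` — built earlier in `displayRequest`, outside the hunk — is concatenated into the same `document.write` call; whatever request fields feed `link` should be checked for the same treatment. Applying `addEscapes` before `addSpaces` is the right order only if `addSpaces` inserts markup (it is defined outside the hunk); a one-line comment, e.g. `// escape first, then insert break opportunities`, would record that dependency. `displayRequest` starts outside the hunk.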
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/reasonToRevoke.template b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/reasonToRevoke.template
index 2b8b0334e..c935aa114 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/reasonToRevoke.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/reasonToRevoke.template
@@ -161,6 +161,13 @@ function addSpaces(str)
return outStr;
}
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
function displayCertInfo()
{
document.write("<table border=\"0\" cellspacing=\"2\">");
@@ -180,7 +187,7 @@ function displayCertInfo()
}
if (result.recordSet[i].subject != null) {
document.write(renderRow("Subject Name:",
- addSpaces(result.recordSet[i].subject)));
+ addSpaces(addEscapes(result.recordSet[i].subject))));
}
if ((result.recordSet[i].validNotBefore != null) &&
(result.recordSet[i].validNotAfter != null)) {
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/srchCert.template b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/srchCert.template
index 1a33355c7..335757f1e 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/srchCert.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/agent/ca/srchCert.template
@@ -162,6 +162,13 @@ function addSpaces(str)
return outStr;
}
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
function getRevocationReason(revocationReason)
{
var reasons = new Array("Unspecified",
@@ -189,7 +196,7 @@ function displayCertificateRecord(cert)
"<tr><td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n"+
"<a href=\"displayBySerial?op=displayBySerial&serialNumber=0x"+ cert.serialNumber + "\">"+renderHexNumber(cert.serialNumber,8) +"</a></font></td>\n"+
"<td colspan=\"2\"><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n"+
-addSpaces(cert.subject) +"</font></td></tr>\n"+
+addSpaces(addEscapes(cert.subject)) +"</font></td></tr>\n"+
"<tr bgcolor=\"#e5e5e5\"><td>\n"+
"<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n"+
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/displayBySerial.template b/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/displayBySerial.template
index ca886b4cf..e01e4e123 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/displayBySerial.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/displayBySerial.template
@@ -33,6 +33,13 @@ function navMajorVersion()
return parseInt(navigator.appVersion.substring(0, navigator.appVersion.indexOf(".")));
}
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
function toHex(number)
{
var absValue = "", sign = "";
@@ -80,7 +87,7 @@ Certificate contents</font></td></tr></table>
<pre>
<SCRIPT LANGUAGE="JavaScript">
-document.write(result.header.certPrettyPrint);
+document.write(addEscapes(result.header.certPrettyPrint));
</SCRIPT>
</pre>
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/queryCert.template b/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/queryCert.template
index 5bcc37aed..9dd361ec0 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/queryCert.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/queryCert.template
@@ -91,6 +91,13 @@ function toHex(number)
return sign + absValue;
}
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
function revokeCert(serialNumber)
{
return confirm("WARNING!! You are about to do an irreversible operation.\nDo you really want to revoke certificate # "+
@@ -291,7 +298,7 @@ function displayCertificateRecord(i, cert)
" <a index='"+i+"' href='/ca/ee/ca/displayBySerial?op=displayBySerial&serialNumber=0x"+
cert.serialNumber+"' onmouseover='mouseover(this,event);' "+
"onmouseout='mouseout(this);'>"+
- cert.subject+"</a></div></font>"+
+ addEscapes(cert.subject)+"</a></div></font>"+
"</td>"+
"</tr>\n"
diff --git a/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/srchCert.template b/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/srchCert.template
index a7e3f6522..3e7a1059b 100644
--- a/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/srchCert.template
+++ b/pki/dogtag/ca-ui/shared/webapps/ca/ee/ca/srchCert.template
@@ -126,8 +126,8 @@ function renderDateFromSecs(secs)
year %= 100;
year += 2000;
}
- return (dateTmp.getMonth()+1)+"/"+dateTmp.getDate()+"/"+year+"&nbsp;"+
- (dateTmp.getHours()<10?"&nbsp;":"")+
+ return (dateTmp.getMonth()+1)+"/"+dateTmp.getDate()+"/"+year+" "+
+ (dateTmp.getHours()<10?" ":"")+
dateTmp.getHours()+":"+(dateTmp.getMinutes()<10?"0":"")+
dateTmp.getMinutes()+":"+(dateTmp.getSeconds()<10?"0":"")+
dateTmp.getSeconds();
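Review bot: Replacing `&nbsp;` with plain spaces changes how the rendered date is laid out (no-break and fixed-width padding are lost) and the commit does not say why; if the intent is that this string now passes through an escaper that would turn `&` into `&amp;`, say so — though the `addEscapes` added to this file does not touch `&`, so the motivation is unclear. A one-line comment such as `// plain spaces: this value is HTML-escaped before display` (if that is the case) would document the choice. `renderDateFromSecs` starts outside the hunk.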
@@ -179,6 +179,13 @@ function addSpaces(str)
return outStr;
}
+function addEscapes(str)
+{
+ var outStr = str.replace(/</g, "&lt;");
+ outStr = outStr.replace(/>/g, "&gt;");
+ return outStr;
+}
+
function getRevocationReason(revocationReason)
{
var reasons = new Array("Unspecified",
@@ -304,7 +311,7 @@ function displayCertificateRecord(i, cert)
" <a index='"+i+"' href='/ca/ee/ca/displayBySerial?op=displayBySerial&serialNumber=0x"+
cert.serialNumber+"' onmouseover='mouseover(this,event);' "+
"onmouseout='mouseout(this);'>"+
- cert.subject+"</div></font>"+
+ addEscapes(cert.subject)+"</div></font>"+
"</a></td>"+
"</tr>\n"
diff --git a/pki/dogtag/common/pki-common.spec b/pki/dogtag/common/pki-common.spec
index 35a5d7b5f..98c91b29f 100644
--- a/pki/dogtag/common/pki-common.spec
+++ b/pki/dogtag/common/pki-common.spec
@@ -34,7 +34,7 @@
## Package Header Definitions
%define base_name %{base_prefix}-%{base_component}
%define base_version 1.1.0
-%define base_release 2
+%define base_release 3
%define base_group System Environment/Base
%define base_vendor Red Hat, Inc.
%define base_license GPLv2 with exceptions
@@ -285,6 +285,8 @@ chmod 00755 %{_datadir}/%{base_prefix}/setup/postinstall
###############################################################################
%changelog
+* Fri Apr 10 2009 Ade Lee <alee@redhat.com> 1.1.0-3
+- Bugzilla Bug #223353 - Values entered through web ui are not checked/escaped
* Tue Apr 7 2009 Andrew Wnuk <awnuk@redhat.com> 1.1.0-2
- Bugzilla Bug #493758 - policy editor corrupts profile
* Sat Apr 4 2009 Matthew Harmsen <mharmsen@redhat.com> 1.1.0-1
diff --git a/pki/dogtag/tps/pki-tps.spec b/pki/dogtag/tps/pki-tps.spec
index 3a3b8ab5d..e5b642961 100644
--- a/pki/dogtag/tps/pki-tps.spec
+++ b/pki/dogtag/tps/pki-tps.spec
@@ -34,7 +34,7 @@
## Package Header Definitions
%define base_name %{base_prefix}-%{base_component}
%define base_version 1.1.0
-%define base_release 1
+%define base_release 2
%define base_group System Environment/Daemons
%define base_vendor Red Hat, Inc.
%define base_license LGPLv2 with exceptions
@@ -313,6 +313,8 @@ fi
###############################################################################
%changelog
+* Fri Apr 10 2009 Ade Lee <alee@redhat.com> 1.1.0-2
+- Bugzilla Bug #223353 - Values entered through web ui are not checked/escaped
* Sat Apr 4 2009 Matthew Harmsen <mharmsen@redhat.com> 1.1.0-1
- Version update to Dogtag 1.1.0.
* Tue Mar 31 2009 Christina Fu <cfu@redhat.com> 1.0.0-45
diff --git a/pki/dogtag/util/pki-util.spec b/pki/dogtag/util/pki-util.spec
index 8352020f4..9cc27cee2 100644
--- a/pki/dogtag/util/pki-util.spec
+++ b/pki/dogtag/util/pki-util.spec
@@ -33,7 +33,7 @@
## Package Header Definitions
%define base_name %{base_prefix}-%{base_component}
%define base_version 1.1.0
-%define base_release 1
+%define base_release 2
%define base_group System Environment/Base
%define base_vendor Red Hat, Inc.
%define base_license GPLv2 with exceptions
@@ -270,6 +270,8 @@ rm -rf ${RPM_BUILD_ROOT}
###############################################################################
%changelog
+* Fri Apr 10 2009 Ade Lee <alee@redhat.com> 1.1.0-2
+- Bugzilla Bug #223353 - Values entered through web ui are not checked/escaped
* Sat Apr 4 2009 Matthew Harmsen <mharmsen@redhat.com> 1.1.0-1
- Version update to Dogtag 1.1.0.
* Thu Mar 26 2009 Andrew Wnuk <awnuk@redhat.com> 1.0.0-13