Fixed bugzilla bug #717041 - Improve escaping of some enrollment inputs

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2091 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2011-08-01 23:51:37 +0000
committer: awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2011-08-01 23:51:37 +0000
commit: f34898a84f4ff2ee2940a547efa83267fc1ec7ac (patch)
tree: 0201c9cd87100f3525e8201a08ae0a5655f72a23 /pki/base/common/src/com/netscape/cms/servlet/common
parent: d2f38b9f6244bf08181967af300ebaea68c0d409 (diff)
download: pki-f34898a84f4ff2ee2940a547efa83267fc1ec7ac.tar.gz
pki-f34898a84f4ff2ee2940a547efa83267fc1ec7ac.tar.xz
pki-f34898a84f4ff2ee2940a547efa83267fc1ec7ac.zip
1 files changed, 28 insertions, 7 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
index a2a7f3ea2..94fcffc55 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
@@ -379,10 +379,20 @@ public class CMSTemplate extends CMSFile {
 
             if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' ||
                  in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't' ||
+                 in[i+1] == '<' || in[i+1] == '>' ||
                  in[i+1] == '\"' || in[i+1] == '\'' || in[i+1] == '\\')) {
-                out[j++] = '\\';
-                out[j++] = in[i+1];
-                i++;
+                if (in[i+1] == 'x' && ((i+3)<l) && in[i+2] == '3' &&
+                    (in[i+3] == 'c' || in[i+3] == 'e')) {
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    out[j++] = in[i+2];
+                    out[j++] = in[i+3];
+                    i += 3;
+                } else { 
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    i++;
+                }
                 continue;
             }
 
@@ -459,10 +469,21 @@ public class CMSTemplate extends CMSFile {
             }
 
             if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' ||
-                 in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't')) {
-                out[j++] = '\\';
-                out[j++] = in[i+1];
-                i++;
+                 in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't' ||
+                 in[i+1] == '<' || in[i+1] == '>' ||
+                 in[i+1] == '\"' || in[i+1] == '\'' || in[i+1] == '\\')) {
+                if (in[i+1] == 'x' && ((i+3)<l) && in[i+2] == '3' &&
+                    (in[i+3] == 'c' || in[i+3] == 'e')) {
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    out[j++] = in[i+2];
+                    out[j++] = in[i+3];
+                    i += 3;
+                } else { 
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    i++;
+                }
                 continue;
             }
author	awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2011-08-01 23:51:37 +0000
committer	awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2011-08-01 23:51:37 +0000
commit	f34898a84f4ff2ee2940a547efa83267fc1ec7ac (patch)
tree	0201c9cd87100f3525e8201a08ae0a5655f72a23 /pki/base/common/src/com/netscape/cms/servlet/common
parent	d2f38b9f6244bf08181967af300ebaea68c0d409 (diff)
download	pki-f34898a84f4ff2ee2940a547efa83267fc1ec7ac.tar.gz pki-f34898a84f4ff2ee2940a547efa83267fc1ec7ac.tar.xz pki-f34898a84f4ff2ee2940a547efa83267fc1ec7ac.zip