diff options
author | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-01 23:48:05 +0000 |
---|---|---|
committer | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-01 23:48:05 +0000 |
commit | d2f38b9f6244bf08181967af300ebaea68c0d409 (patch) | |
tree | 09cc36c18fe0ef644dc6e315b169f1216e824f3e /pki/base | |
parent | 37a77d6960db1339682d4f025bd36919c4f679b8 (diff) | |
download | pki-d2f38b9f6244bf08181967af300ebaea68c0d409.tar.gz pki-d2f38b9f6244bf08181967af300ebaea68c0d409.tar.xz pki-d2f38b9f6244bf08181967af300ebaea68c0d409.zip |
Fixed bugzilla bug #717041 - Improve escaping of some enrollment inputs
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2090 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java index 09c9fc91e..fe7936baf 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java @@ -342,10 +342,20 @@ public class ProfileServlet extends CMSServlet { /* see BZ 500736 for details */ if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' || in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't' || + in[i+1] == '<' || in[i+1] == '>' || in[i+1] == '\"' || in[i+1] == '\'' || in[i+1] == '\\')) { - out[j++] = '\\'; - out[j++] = in[i+1]; - i++; + if (in[i+1] == 'x' && ((i+3)<l) && in[i+2] == '3' && + (in[i+3] == 'c' || in[i+3] == 'e')) { + out[j++] = '\\'; + out[j++] = in[i+1]; + out[j++] = in[i+2]; + out[j++] = in[i+3]; + i += 3; + } else { + out[j++] = '\\'; + out[j++] = in[i+1]; + i++; + } continue; } |