From f34898a84f4ff2ee2940a547efa83267fc1ec7ac Mon Sep 17 00:00:00 2001
From: awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>
Date: Mon, 1 Aug 2011 23:51:37 +0000
Subject: Fixed bugzilla bug #717041 - Improve escaping of some enrollment
 inputs

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2091 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
---
 .../netscape/cms/servlet/common/CMSTemplate.java   | 35 +++++++++++++++++-----
 1 file changed, 28 insertions(+), 7 deletions(-)

(limited to 'pki/base/common')

diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
index a2a7f3ea..94fcffc5 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
@@ -379,10 +379,20 @@ public class CMSTemplate extends CMSFile {
 
             if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' ||
                  in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't' ||
+                 in[i+1] == '<' || in[i+1] == '>' ||
                  in[i+1] == '\"' || in[i+1] == '\'' || in[i+1] == '\\')) {
-                out[j++] = '\\';
-                out[j++] = in[i+1];
-                i++;
+                if (in[i+1] == 'x' && ((i+3)<l) && in[i+2] == '3' &&
+                    (in[i+3] == 'c' || in[i+3] == 'e')) {
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    out[j++] = in[i+2];
+                    out[j++] = in[i+3];
+                    i += 3;
+                } else { 
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    i++;
+                }
                 continue;
             }
 
@@ -459,10 +469,21 @@ public class CMSTemplate extends CMSFile {
             }
 
             if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' ||
-                 in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't')) {
-                out[j++] = '\\';
-                out[j++] = in[i+1];
-                i++;
+                 in[i+1] == 'r' || in[i+1] == 'f' || in[i+1] == 't' ||
+                 in[i+1] == '<' || in[i+1] == '>' ||
+                 in[i+1] == '\"' || in[i+1] == '\'' || in[i+1] == '\\')) {
+                if (in[i+1] == 'x' && ((i+3)<l) && in[i+2] == '3' &&
+                    (in[i+3] == 'c' || in[i+3] == 'e')) {
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    out[j++] = in[i+2];
+                    out[j++] = in[i+3];
+                    i += 3;
+                } else { 
+                    out[j++] = '\\';
+                    out[j++] = in[i+1];
+                    i++;
+                }
                 continue;
             }
 
-- 
cgit