author | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-23 15:00:08 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-23 15:00:08 +0000 |
commit | 6f5332923fc94cad0bee91d0c1fa8be521828d5c | |
tree | 2e8849fe31297bf03a63cdfed8e5a75d1c933097 | |
parent | 5958bb58d226401788b8cb09c2a2b93dc28de2d5 | |
Security fix:
After decoding numeric (\N) and one-character (\<, \> etc.)
character escape sequences, do not forget to HTML-encode the
resulting ASCII character. Malicious manuals were able to smuggle
XSS content by roff-escaping the HTML-special characters they need.
That's a classic bug type in many web applications, actually... :-(
Found myself while auditing the HTML formatter for safe output handling.
Diffstat (limited to 'tbl_data.c')
0 files changed, 0 insertions, 0 deletions