Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/07210_all_encode_html_entities-5.0.70.patch
blob: 87c64b56991d1aacb7a76d14d223406c4065b85a (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

When using the commandline client and --html, HTML entities are not encoded,
leading to a potential XSS.

The testcase portion of this patch is disabled, as it does not apply to 5.0.72.
You can find an updated testcase in 721_all_encode_html_entities_testcase-5.0.70.patch.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Patch-URL: http://bugs.mysql.com/file.php?id=9232
MySQL-Bug: 27884
MySQL-Bug-URL: http://bugs.mysql.com/bug.php?id=27884
Gentoo-Bug: 240407
Gentoo-Bug-URL: http://bugs.gentoo.org/show_bug.cgi?id=240407

=== modified file 'client/mysql.cc'
--- client/mysql.cc	2007-11-13 13:29:42 +0000
+++ client/mysql.cc	2008-05-01 19:16:09 +0000
@@ -2636,9 +2636,12 @@
   {
     while((field = mysql_fetch_field(result)))
     {
-      tee_fprintf(PAGER, "<TH>%s</TH>", (field->name ? 
-					 (field->name[0] ? field->name : 
-					  " &nbsp; ") : "NULL"));
+      tee_fputs("<TH>", PAGER);
+      if (field->name && field->name[0])
+        xmlencode_print(field->name, field->name_length);
+      else
+        tee_fputs(field->name ? " &nbsp; " : "NULL", PAGER);
+      tee_fputs("</TH>", PAGER);
     }
     (void) tee_fputs("</TR>", PAGER);
   }
@@ -2651,7 +2654,7 @@
     for (uint i=0; i < mysql_num_fields(result); i++)
     {
       (void) tee_fputs("<TD>", PAGER);
-      safe_put_field(cur[i],lengths[i]);
+      xmlencode_print(cur[i], lengths[i]);
       (void) tee_fputs("</TD>", PAGER);
     }
     (void) tee_fputs("</TR>", PAGER);

#=== modified file 'mysql-test/r/mysql.result'
#--- mysql-test/r/mysql.result	2007-09-20 09:10:05 +0000
#+++ mysql-test/r/mysql.result	2008-05-01 19:23:01 +0000
#@@ -180,3 +180,5 @@
# 1
# End of 5.0 tests
# WARNING: --server-arg option not supported in this configuration.
#+<TABLE BORDER=1><TR><TH>&lt;</TH></TR><TR><TD>&lt; &amp; &gt;</TD></TR></TABLE>
#+End of 5.1 tests
#
#=== modified file 'mysql-test/t/mysql.test'
#--- mysql-test/t/mysql.test	2007-09-04 22:50:09 +0000
#+++ mysql-test/t/mysql.test	2008-05-01 19:22:54 +0000
#@@ -290,3 +290,11 @@
# --disable_query_log
# --exec $MYSQL --server-arg=no-defaults test -e "quit"
# --enable_query_log
#+
#+#
#+# Bug #27884: mysql --html does not quote HTML special characters in output
#+# 
#+--exec $MYSQL --html test -e "select '< & >' as \`<\`"
#+
#+--echo
#+--echo End of 5.1 tests
#