path: root/manpath.c
author: Ingo Schwarze <schwarze@openbsd.org> 2014-07-23 15:00:08 +0000
committer: Ingo Schwarze <schwarze@openbsd.org> 2014-07-23 15:00:08 +0000
commit: efa6734f7e00c3cb95d77b5b5007681f94dd570e (patch)
tree: 4adcc290b9b88b17586ac9d131a9a706bedafb9b /manpath.c
parent: 3d2eb53149ca24b5957180553ec66503bbcd3e7b (diff)
download: mandoc-efa6734f7e00c3cb95d77b5b5007681f94dd570e.tar.gz
Security fix:
After decoding numeric (\N) and one-character (\<, \> etc.) character escape sequences, do not forget to HTML-encode the resulting ASCII character. Malicious manuals were able to smuggle XSS content by roff-escaping the HTML-special characters they need. That's a classic bug type in many web applications, actually... :-( Found myself while auditing the HTML formatter for safe output handling.
Diffstat (limited to 'manpath.c')
0 files changed, 0 insertions, 0 deletions