diff options
author | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-22 22:41:35 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-22 22:41:35 +0000 |
commit | 3d2eb53149ca24b5957180553ec66503bbcd3e7b (patch) | |
tree | 8712883eef040cdf5086ab3918c6aea131849e1c /read.c | |
parent | 65cb0941933336f1e6502825398c255d1c4d858e (diff) | |
download | mandoc-3d2eb53149ca24b5957180553ec66503bbcd3e7b.tar.gz |
Security fix:
The function print_encode() is used both for plain text
and for quoted attribute values.
Escape the '"' character such that malicious manuals cannot pull off
XSS attacks using malformed .Lk, .Mt, .%U, and .UR macros (and maybe
others) to trigger the latter case.
In the former case, escaping does no harm.
Issue found by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
Diffstat (limited to 'read.c')
0 files changed, 0 insertions, 0 deletions