authorPeter Powell <petpow@saberuk.com>2013-02-11 10:25:57 +0000
committerattilamolnar <attilamolnar@hush.com>2013-02-17 21:36:26 +0100
commit83e36af589b433b00482e3c6b617165606e1ccbd (patch)
tree00d3e9d762b5e51a901f5119a57aa1c2da8fde76 /src/modules
parenta0f92dd232097fa6662265ca49b222b72ca39c83 (diff)
Fix multiple escape bugs in m_httpd_stats.
Diffstat (limited to 'src/modules')
-rw-r--r--src/modules/m_httpd_stats.cpp19
1 files changed, 14 insertions, 5 deletions
diff --git a/src/modules/m_httpd_stats.cpp b/src/modules/m_httpd_stats.cpp
index 077bc4f2d..547d6032f 100644
--- a/src/modules/m_httpd_stats.cpp
+++ b/src/modules/m_httpd_stats.cpp
@@ -55,14 +55,23 @@ class ModuleHttpStats : public Module
ret += it->second;
ret += ';';
}
- else if (*x < 32 || *x > 126)
+ else if (*x == 0x9 || *x == 0xA || *x == 0xD ||
+ (*x >= 0x20 && *x <= 0xD7FF) || (*x >= 0xE000 && *x <= 0x10FFFF))
{
- int n = (unsigned char)*x;
- ret += ("&#" + ConvToStr(n) + ";");
+ // The XML specification defines the following characters as valid inside an XML document:
+ // Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]
+ ret += *x;
}
else
{
- ret += *x;
+ // If we reached this point then the string contains characters which can
+ // not be represented in XML, even using a numeric escape. Therefore, we
+ // Base64 encode the entire string and wrap it in a CDATA.
+ ret.clear();
+ ret += "<![CDATA[";
+ ret += BinToBase64(str);
+ ret += "]]>";
+ break;
}
}
return ret;
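Review bot: The new range test compares `*x` against code-point bounds (`0xD7FF`, `0xE000`, `0x10FFFF`) while the removed `(unsigned char)*x` line suggests `x` is a per-byte iterator over a `std::string`; if `*x` is `char`, the `0xE000..0x10FFFF` branch can never match and `<= 0xD7FF` is always true, so the condition reduces to tab/LF/CR or `*x >= 0x20`, and most compilers will warn that the comparison is always false. With a signed `char` every byte of a multibyte UTF-8 sequence is negative and falls into the `else` branch, so any non-ASCII topic or channel name would be Base64-wrapped in CDATA even though it is valid XML text; the enclosing `Sanitize` function starts before this hunk, so the iterator type cannot be confirmed here. Either decode UTF-8 to code points before applying the XML Char ranges, or document the byte-level behaviour above the condition: `// NOTE: x walks bytes, not code points; any byte >= 0x80 (all multibyte UTF-8) takes the Base64/CDATA path below`.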
@@ -145,7 +154,7 @@ class ModuleHttpStats : public Module
Channel* c = a->second;
data << "<channel>";
- data << "<usercount>" << c->GetUsers()->size() << "</usercount><channelname>" << c->name << "</channelname>";
+ data << "<usercount>" << c->GetUsers()->size() << "</usercount><channelname>" << Sanitize(c->name) << "</channelname>";
data << "<channeltopic>";
data << "<topictext>" << Sanitize(c->topic) << "</topictext>";
data << "<setby>" << Sanitize(c->setby) << "</setby>";