Fix error handling to avoid XSS attacks.
authorWilfried Goesgens <willi@arangodb.com>
Wed, 7 Oct 2015 12:40:14 +0000 (14:40 +0200)
committerWilfried Goesgens <willi@arangodb.com>
Wed, 7 Oct 2015 12:40:14 +0000 (14:40 +0200)
webcit/context_loop.c
webcit/subst.c
webcit/webcit.c
webcit/webcit.h

index bf3ac7def2171edb0ee1a074978670aaa492ff9e..fd13b97f1151c72d14ef893391ded2f721e9c849 100644 (file)
@@ -603,6 +603,7 @@ void context_loop(ParsedHttpHdrs *Hdr)
        pthread_setspecific(MyConKey, (void *)TheSession);
        
        TheSession->inuse = 1;                          /* mark the session as bound */
+       TheSession->isFailure = 0;                      /* reset evntually existing error flags */
        TheSession->lastreq = now;                      /* log */
        TheSession->Hdr = Hdr;
 
index ab4edce38692746f02a8a89f06cd0ab4ba8f9637..7964ab4c2795f3481421da790a0acee9f743b687 100644 (file)
@@ -1907,6 +1907,8 @@ const StrBuf *ProcessTemplate(WCTemplate *Tmpl, StrBuf *Target, WCTemplputParams
 
 }
 
+
+StrBuf *textPlainType;
 /**
  * \brief Display a variable-substituted template
  * \param templatename template file to load
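Review bot: `textPlainType` is introduced as a file-scope global with external linkage and no comment, although it is handed out to callers through DoTemplate()'s `const StrBuf *` return. If it is only used inside subst.c it should be `static StrBuf *textPlainType;`; if other translation units need it, an `extern` declaration belongs in webcit.h, which this commit does not appear to add (only part of webcit.h is visible here). Either way a comment should state the ownership contract, e.g. `/* Shared read-only "text/plain" type returned by DoTemplate() on failure; allocated in ServerStartModule_SUBST(), freed in ServerShutdownModule_SUBST(), never free it via the returned pointer. */`.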
@@ -1933,23 +1935,28 @@ const StrBuf *DoTemplate(const char *templatename, long len, StrBuf *Target, WCT
        {
                syslog(LOG_WARNING, "Can't to load a template with empty name!\n");
                StrBufAppendPrintf(Target, "<pre>\nCan't to load a template with empty name!\n</pre>");
-               return NULL;
+               return textPlainType;
        }
 
        if (!GetHash(StaticLocal, templatename, len, &vTmpl) &&
            !GetHash(Static, templatename, len, &vTmpl)) {
-               syslog(LOG_WARNING, "didn't find Template [%s] %ld %ld\n", templatename, len , (long)strlen(templatename));
+               StrBuf *escapedString = NewStrBufPlain(NULL, len);
+               
+               StrHtmlEcmaEscAppend(escapedString, NULL, templatename, 1, 1);
+               syslog(LOG_WARNING, "didn't find Template [%s] %ld %ld\n", ChrPtr(escapedString), len , (long)strlen(templatename));
                StrBufAppendPrintf(Target, "<pre>\ndidn't find Template [%s] %ld %ld\n</pre>", 
-                                  templatename, len, 
+                                  ChrPtr(escapedString), len, 
                                   (long)strlen(templatename));
+               WC->isFailure = 1;
 #if 0
                dbg_PrintHash(Static, PrintTemplate, NULL);
                PrintHash(Static, VarPrintTransition, PrintTemplate);
 #endif
-               return NULL;
+               FreeStrBuf(&escapedString);
+               return textPlainType;
        }
        if (vTmpl == NULL) 
-               return NULL;
+               return textPlainType;
        return ProcessTemplate(vTmpl, Target, TP);
 
 }
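Review bot: Only the template-not-found path sets `WC->isFailure = 1;`; the empty-name branch and the `vTmpl == NULL` branch now also return `textPlainType` but leave the flag clear, so those errors still go out with a 200 status and an HTML error body. Add `WC->isFailure = 1;` before each of those two returns so output_headers() treats them the same way. Because the function no longer returns NULL on failure, any caller that tested the result for NULL needs to be revisited; none is visible in this hunk, so that is an inference. DoTemplate()'s signature and the start of its body lie outside the hunk.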
@@ -2988,9 +2995,9 @@ void
 ServerStartModule_SUBST
 (void)
 {
+       textPlainType = NewStrBufPlain(HKEY("text/plain"));
        LocalTemplateCache = NewHash(1, NULL);
        TemplateCache = NewHash(1, NULL);
-
        GlobalNS = NewHash(1, NULL);
        Iterators = NewHash(1, NULL);
        Conditionals = NewHash(1, NULL);
@@ -3016,9 +3023,11 @@ void
 ServerShutdownModule_SUBST
 (void)
 {
+       FreeStrBuf(&textPlainType);
+
        DeleteHash(&TemplateCache);
        DeleteHash(&LocalTemplateCache);
-
+       
        DeleteHash(&GlobalNS);
        DeleteHash(&Iterators);
        DeleteHash(&Conditionals);
index 91fc47e26424c64bf0d85a0ec173554fed1cb5ec..bca779a3ad331009fd6355ce5da49a13f3f83577 100644 (file)
@@ -141,7 +141,9 @@ void output_headers(        int do_httpheaders,     /* 1 = output HTTP headers                        */
        wcsession *WCC = WC;
        char httpnow[128];
 
-       if (WCC->Hdr->HaveRange > 1)
+       if (WCC->isFailure) 
+               hprintf("HTTP/2.2 500 Internal Server Error");
+       else if (WCC->Hdr->HaveRange > 1)
                hprintf("HTTP/1.1 206 Partial Content\r\n");
        else
                hprintf("HTTP/1.1 200 OK\r\n");
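Review bot: The new 500 status line is malformed: it names the non-existent version `HTTP/2.2` and, unlike the 206 and 200 branches right below it, has no terminating `\r\n`, so whatever header hprintf() emits next is appended to the status line and the client receives a broken response. Change it to `hprintf("HTTP/1.1 500 Internal Server Error\r\n");`. The `if (WCC->isFailure) ` line also carries a trailing space.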
index a087d5f37599b9514eeadc9ebfd38c237de08428..8913f4fed01a8fa73efe673522ce4bd6635283df 100644 (file)
@@ -422,6 +422,7 @@ struct wcsession {
        int ctdl_pid;                           /* Session ID on the Citadel server */
        int nonce;                              /* session nonce (to prevent session riding) */
        int inuse;                              /* set to nonzero if bound to a running thread */
+       int isFailure;                          /* Http 2xx or 5xx? */
 
 /* Session local Members */
        int serv_sock;                          /* Client socket to Citadel server */
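Review bot: The comment on the new `isFailure` member, `/* Http 2xx or 5xx? */`, does not say which value means what or who reads it, and the neighbouring fields document their meaning precisely. Something like `/* nonzero once request processing failed; output_headers() then sends 500 instead of 200/206 */` would tell a maintainer both the polarity and the consumer. The `struct wcsession` definition begins and ends outside this hunk.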