From c19da2c87226fee57abdab376d09475cccb11fe5 Mon Sep 17 00:00:00 2001
From: Wilfried Goesgens
Date: Wed, 7 Oct 2015 14:40:14 +0200
Subject: [PATCH] Fix error handling to avoid XSS attacks.
---
 webcit/context_loop.c | 1 +
 webcit/subst.c | 23 ++++++++++++++++-------
 webcit/webcit.c | 4 +++-
 webcit/webcit.h | 1 +
 4 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/webcit/context_loop.c b/webcit/context_loop.c
index bf3ac7def..fd13b97f1 100644
--- a/webcit/context_loop.c
+++ b/webcit/context_loop.c
@@ -603,6 +603,7 @@ void context_loop(ParsedHttpHdrs *Hdr)
 pthread_setspecific(MyConKey, (void *)TheSession);
 TheSession->inuse = 1; /* mark the session as bound */
+ TheSession->isFailure = 0; /* reset evntually existing error flags */
 TheSession->lastreq = now; /* log */
 TheSession->Hdr = Hdr;
diff --git a/webcit/subst.c b/webcit/subst.c
index ab4edce38..7964ab4c2 100644
--- a/webcit/subst.c
+++ b/webcit/subst.c
@@ -1907,6 +1907,8 @@ const StrBuf *ProcessTemplate(WCTemplate *Tmpl, StrBuf *Target, WCTemplputParams
 }
+
+StrBuf *textPlainType;
 /**
 * \brief Display a variable-substituted template
 * \param templatename template file to load
@@ -1933,23 +1935,28 @@ const StrBuf *DoTemplate(const char *templatename, long len, StrBuf *Target, WCT
 {
 syslog(LOG_WARNING, "Can't to load a template with empty name!\n");
 StrBufAppendPrintf(Target, "
\nCan't to load a template with empty name!\n
"); - return NULL; + return textPlainType; } if (!GetHash(StaticLocal, templatename, len, &vTmpl) && !GetHash(Static, templatename, len, &vTmpl)) { - syslog(LOG_WARNING, "didn't find Template [%s] %ld %ld\n", templatename, len , (long)strlen(templatename)); + StrBuf *escapedString = NewStrBufPlain(NULL, len); + + StrHtmlEcmaEscAppend(escapedString, NULL, templatename, 1, 1); + syslog(LOG_WARNING, "didn't find Template [%s] %ld %ld\n", ChrPtr(escapedString), len , (long)strlen(templatename)); StrBufAppendPrintf(Target, "
\ndidn't find Template [%s] %ld %ld\n
", - templatename, len, + ChrPtr(escapedString), len, (long)strlen(templatename)); + WC->isFailure = 1; #if 0 dbg_PrintHash(Static, PrintTemplate, NULL); PrintHash(Static, VarPrintTransition, PrintTemplate); #endif - return NULL; + FreeStrBuf(&escapedString); + return textPlainType; } if (vTmpl == NULL) - return NULL; + return textPlainType; return ProcessTemplate(vTmpl, Target, TP); } @@ -2988,9 +2995,9 @@ void ServerStartModule_SUBST (void) { + textPlainType = NewStrBufPlain(HKEY("text/plain")); LocalTemplateCache = NewHash(1, NULL); TemplateCache = NewHash(1, NULL); - GlobalNS = NewHash(1, NULL); Iterators = NewHash(1, NULL); Conditionals = NewHash(1, NULL); @@ -3016,9 +3023,11 @@ void ServerShutdownModule_SUBST (void) { + FreeStrBuf(&textPlainType); + DeleteHash(&TemplateCache); DeleteHash(&LocalTemplateCache); - + DeleteHash(&GlobalNS); DeleteHash(&Iterators); DeleteHash(&Conditionals); diff --git a/webcit/webcit.c b/webcit/webcit.c index 91fc47e26..bca779a3a 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -141,7 +141,9 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers */ wcsession *WCC = WC; char httpnow[128]; - if (WCC->Hdr->HaveRange > 1) + if (WCC->isFailure) + hprintf("HTTP/2.2 500 Internal Server Error"); + else if (WCC->Hdr->HaveRange > 1) hprintf("HTTP/1.1 206 Partial Content\r\n"); else hprintf("HTTP/1.1 200 OK\r\n"); diff --git a/webcit/webcit.h b/webcit/webcit.h index a087d5f37..8913f4fed 100644 --- a/webcit/webcit.h +++ b/webcit/webcit.h @@ -422,6 +422,7 @@ struct wcsession { int ctdl_pid; /* Session ID on the Citadel server */ int nonce; /* session nonce (to prevent session riding) */ int inuse; /* set to nonzero if bound to a running thread */ + int isFailure; /* Http 2xx or 5xx? */ /* Session local Members */ int serv_sock; /* Client socket to Citadel server */ -- 2.30.2