storm/w3m
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

w3m 0.3.2.1 security fix

Browse Source 
* frame.c (createFrameFile): html_quote()
From: Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
This commit is contained in:
Fumitoshi UKAI
2002-11-26 16:58:48 +00:00
parent 7f473aa262
commit 10daaf6c94
2 changed files with 16 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@@ -1,3 +1,8 @@
2002-11-27 Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
* w3m 0.3.2.1 security fix
* frame.c (createFrameFile): html_quote()
2002-11-27 Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp> 2002-11-27 Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
* [w3m-dev 03486] fix of displayLineInfo * [w3m-dev 03486] fix of displayLineInfo
@@ -5161,4 +5166,4 @@ a * [w3m-dev 03276] compile error on EWS4800
* release-0-2-1 * release-0-2-1
* import w3m-0.2.1 * import w3m-0.2.1
$Id: ChangeLog,v 1.559 2002/11/26 16:57:39 ukai Exp $ $Id: ChangeLog,v 1.560 2002/11/26 16:58:48 ukai Exp $

18
frame.c
View File

@@ -1,4 +1,4 @@
/* $Id: frame.c,v 1.17 2002/11/05 15:56:13 ukai Exp $ */ /* $Id: frame.c,v 1.18 2002/11/26 16:58:49 ukai Exp $ */
#include "fm.h" #include "fm.h"
#include "parsetagx.h" #include "parsetagx.h"
#include "myctype.h" #include "myctype.h"
@@ -519,14 +519,15 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
frame.body->attr = F_UNLOADED; frame.body->attr = F_UNLOADED;
if (frame.body->flags & FB_NO_BUFFER) if (frame.body->flags & FB_NO_BUFFER)
fprintf(f1, "Open %s with other method", fprintf(f1, "Open %s with other method",
frame.body->url); html_quote(frame.body->url));
else if (frame.body->url) else if (frame.body->url)
fprintf(f1, "Can't open %s", frame.body->url); fprintf(f1, "Can't open %s",
html_quote(frame.body->url));
else else
fprintf(f1, fprintf(f1,
"This frame (%s) contains no src attribute", "This frame (%s) contains no src attribute",
frame.body->name ? frame.body-> frame.body->name ? html_quote(frame.body->name)
name : "(no name)"); : "(no name)");
break; break;
} }
parseURL2(frame.body->url, &base, currentURL); parseURL2(frame.body->url, &base, currentURL);
@@ -620,7 +621,7 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
/* prohibit_tags */ /* prohibit_tags */
Strshrinkfirst(tok, 1); Strshrinkfirst(tok, 1);
Strshrink(tok, 1); Strshrink(tok, 1);
fprintf(f1, "<!-- %s -->", tok->ptr); fprintf(f1, "<!-- %s -->", html_quote(tok->ptr));
goto token_end; goto token_end;
case HTML_TABLE: case HTML_TABLE:
t_stack++; t_stack++;
@@ -633,7 +634,7 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
Strshrink(tok, 1); Strshrink(tok, 1);
fprintf(f1, fprintf(f1,
"<!-- table stack underflow: %s -->", "<!-- table stack underflow: %s -->",
tok->ptr); html_quote(tok->ptr));
goto token_end; goto token_end;
} }
break; break;
@@ -653,7 +654,8 @@ createFrameFile(struct frameset *f, FILE * f1, Buffer *current, int level,
if (!t_stack) { if (!t_stack) {
Strshrinkfirst(tok, 1); Strshrinkfirst(tok, 1);
Strshrink(tok, 1); Strshrink(tok, 1);
fprintf(f1, "<!-- %s -->", tok->ptr); fprintf(f1, "<!-- %s -->",
html_quote(tok->ptr));
goto token_end; goto token_end;
} }