The value returned by TH1 command getParameter should be marked as tainted.
Commit
6a6b85448c736142d0819021ce2c0100b93d6502819d85362e7f8c00427926c0
Parent
d259be4017e38a6…
1 file changed
+5
-1
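--- a/src/th_main.c
+++ b/src/th_main.c
@@ -1449,17 +1449,21 @@
 int argc,
 const char **argv,
 int *argl
 ){
 const char *zDefault = 0;
+const char *zVal;
+int sz;
 if( argc!=2 && argc!=3 ){
 return Th_WrongNumArgs(interp, "getParameter NAME ?DEFAULT?");
 }
 if( argc==3 ){
 zDefault = argv[2];
 }
-Th_SetResult(interp, cgi_parameter(argv[1], zDefault), -1);
+zVal = cgi_parameter(argv[1], zDefault);
+sz = th_strlen(zVal);
+Th_SetResult(interp, zVal, TH1_ADD_TAINT(sz));
 return TH_OK;
 }
 
 /*
 ** TH1 command: setParameter NAME VALUE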
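Review bot: `zVal` may be a null pointer at `sz = th_strlen(zVal);` when the command is called with NAME only, because `zDefault` is initialised to 0 and `cgi_parameter()` presumably returns the default when the parameter is absent. Neither `th_strlen` nor `TH1_ADD_TAINT` is defined in this hunk, so confirm that both accept a null pointer with a zero length, or make it explicit with `sz = zVal ? th_strlen(zVal) : 0;`. The taint flag is also applied when the script-supplied DEFAULT is returned; that is the conservative choice, but it deserves a comment such as `/* Result is always tainted, even when DEFAULT is returned */` so later taint checks on this value are not mistaken for false positives. The function's signature and header comment begin outside the hunk; the command's doc comment should state that the result is tainted.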
| --- src/th_main.c | |
| +++ src/th_main.c | |
| @@ -1449,17 +1449,21 @@ | |
| 1449 | int argc, |
| 1450 | const char **argv, |
| 1451 | int *argl |
| 1452 | ){ |
| 1453 | const char *zDefault = 0; |
| 1454 | if( argc!=2 && argc!=3 ){ |
| 1455 | return Th_WrongNumArgs(interp, "getParameter NAME ?DEFAULT?"); |
| 1456 | } |
| 1457 | if( argc==3 ){ |
| 1458 | zDefault = argv[2]; |
| 1459 | } |
| 1460 | Th_SetResult(interp, cgi_parameter(argv[1], zDefault), -1); |
| 1461 | return TH_OK; |
| 1462 | } |
| 1463 | |
| 1464 | /* |
| 1465 | ** TH1 command: setParameter NAME VALUE |
| 1466 |
| --- src/th_main.c | |
| +++ src/th_main.c | |
| @@ -1449,17 +1449,21 @@ | |
| 1449 | int argc, |
| 1450 | const char **argv, |
| 1451 | int *argl |
| 1452 | ){ |
| 1453 | const char *zDefault = 0; |
| 1454 | const char *zVal; |
| 1455 | int sz; |
| 1456 | if( argc!=2 && argc!=3 ){ |
| 1457 | return Th_WrongNumArgs(interp, "getParameter NAME ?DEFAULT?"); |
| 1458 | } |
| 1459 | if( argc==3 ){ |
| 1460 | zDefault = argv[2]; |
| 1461 | } |
| 1462 | zVal = cgi_parameter(argv[1], zDefault); |
| 1463 | sz = th_strlen(zVal); |
| 1464 | Th_SetResult(interp, zVal, TH1_ADD_TAINT(sz)); |
| 1465 | return TH_OK; |
| 1466 | } |
| 1467 | |
| 1468 | /* |
| 1469 | ** TH1 command: setParameter NAME VALUE |
| 1470 |