Namazu-devel-ja (old)



Re: 2.0.8pre1 (Re: Cross-site scripting vulnerability in Namazu v2.0.7)



In article <200111270800.fAR80tF02895@xxxxxxxxxxxxxxxxxxxxxxxxxxx>,
taca@xxxxxxxxxxxxxxxxxxxxxx wrote:

>> I believe maintenance of the 1.3 series has already ended, but if possible,
>> I think an official patch would make quite a few sites happy.

  For now I have written a patch for 1.3. I have not checked it, so I
would be glad if someone could try it out.
-- 
野首 貴嗣
E-mail: knok@xxxxxxxxxxxxx
	knok@xxxxxxxxxx / knok@xxxxxxxxxx

diff -cr namazu-1.3.0.11/ChangeLog namazu-1.3.0.12/ChangeLog
*** namazu-1.3.0.11/ChangeLog	Wed Jan 26 22:38:50 2000
--- namazu-1.3.0.12/ChangeLog	Tue Nov 27 17:09:23 2001
***************
*** 4,10 ****
--- 4,16 ----
  	This file describes Namazu's change history. If you want to know
  	about major changes from previous version, please see 
  	"manual.html#VERSIONDIFF".
+ v1.3.0.12
+ 	[2001-11-27]
  
+ 	* Fix a security hole in CGI mode which allows malicious person to
+ 	put any HTML tags or scripts in CGI form (cross-site scripting).
+ 	- [TAKAGI, Hiromitsu <takagi.hiromitsu@xxxxxxxxxx>] - report
+ 	
  v1.3.0.11
  	[2000-01-26]
  
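Review bot: The v1.3.0.12 heading is added directly under the "manual.html#VERSIONDIFF" line with no blank line before it, whereas the old file had a blank line between that preamble and the first version heading, and the new entry ends with an added line that holds only a tab. Add the blank separator above the heading and drop the trailing whitespace. The entry could also name the file that carries the fix (src/output.c) so the change is easy to locate.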
diff -cr namazu-1.3.0.11/VERSION namazu-1.3.0.12/VERSION
*** namazu-1.3.0.11/VERSION	Wed Jan 26 22:38:51 2000
--- namazu-1.3.0.12/VERSION	Tue Nov 27 17:02:41 2001
***************
*** 1 ****
! namazu-1.3.0.11
--- 1 ----
! namazu-1.3.0.12
diff -cr namazu-1.3.0.11/src/messages.c namazu-1.3.0.12/src/messages.c
*** namazu-1.3.0.11/src/messages.c	Wed Jan 26 22:38:51 2000
--- namazu-1.3.0.12/src/messages.c	Tue Nov 27 17:04:10 2001
***************
*** 37,45 ****
  #endif
  
  /* information about Namazu */
! uchar *VERSION = "1.3.0.11";
  uchar *COPYRIGHT =
! "  Copyright (C) 1997-1999 Satoru Takabayashi All rights reserved.";
  
  uchar *MSG_USAGE, *MSG_TOO_LONG_KEY, *MSG_TOO_MANY_KEYITEM,
  *MSG_RESULT_HEADER, *MSG_NO_HIT, *MSG_HIT_1, *MSG_HIT_2,
--- 37,46 ----
  #endif
  
  /* information about Namazu */
! uchar *VERSION = "1.3.0.12";
  uchar *COPYRIGHT =
! "  Copyright (C) 1997-1999 Satoru Takabayashi All rights reserved.\n"
! "  Copyright (C) 2001 Namazu Project All rights reserved.";
  
  uchar *MSG_USAGE, *MSG_TOO_LONG_KEY, *MSG_TOO_MANY_KEYITEM,
  *MSG_RESULT_HEADER, *MSG_NO_HIT, *MSG_HIT_1, *MSG_HIT_2,
diff -cr namazu-1.3.0.11/src/mknmz.pl namazu-1.3.0.12/src/mknmz.pl
*** namazu-1.3.0.11/src/mknmz.pl	Wed Jan 26 22:38:51 2000
--- namazu-1.3.0.12/src/mknmz.pl	Tue Nov 27 17:03:22 2001
***************
*** 1,7 ****
  #!%OPT_PATH_PERL%
  #
  # mknmz.pl - indexer of Namazu
! # Version   1.3.0.11 [01/26/2000]
  #
  # Copyright (C) 1997-1999 Satoru Takabayashi  All rights reserved.
  #     This is free software with ABSOLUTELY NO WARRANTY.
--- 1,7 ----
  #!%OPT_PATH_PERL%
  #
  # mknmz.pl - indexer of Namazu
! # Version   1.3.0.12 [11/27/2001]
  #
  # Copyright (C) 1997-1999 Satoru Takabayashi  All rights reserved.
  #     This is free software with ABSOLUTELY NO WARRANTY.
diff -cr namazu-1.3.0.11/src/output.c namazu-1.3.0.12/src/output.c
*** namazu-1.3.0.11/src/output.c	Wed Jan 26 22:38:51 2000
--- namazu-1.3.0.12/src/output.c	Tue Nov 27 17:01:22 2001
***************
*** 13,20 ****
  	if (!strncmp(qs, "whence=", 7)) {
  	    printf("whence=%d", w);
  	    for (qs += 7; isdigit(*qs); qs++);
! 	} else
! 	    fputc(*(qs++), stdout);
      }
  }
  
--- 13,25 ----
  	if (!strncmp(qs, "whence=", 7)) {
  	    printf("whence=%d", w);
  	    for (qs += 7; isdigit(*qs); qs++);
! 	} else {
! 	    if (*qs == '"') {
! 		fputs("&quot;", stdout);
! 	    } else {
! 	        fputc(*qs, stdout);
! 	    }
! 	    qs ++;
      }
  }
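Review bot: The else { block opened on the new side of this hunk is never closed. After "qs ++;" the only closing braces are the same two context lines as on the old side, where no else block was open, so the patched output.c is one } short and will not compile; add a } after "qs ++;". Separately, only the double-quote character is rewritten to &quot;, and every other byte of qs still reaches stdout through fputc unchanged. Since the ChangeLog entry describes the problem as HTML tags or scripts being placed in the form, <, > and & should be encoded here as well (&lt;, &gt;, &amp;).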