Escape potentially problematic characters in ${url}

diff --git a/config.h b/config.h
index 7f0db3bbe1d9a02d928e2030c0741663618d8a20..49e64bea86abd2d50490762e8fa96a9ed304e170 100644 (file)
--- a/config.h
+++ b/config.h
@@ -138,7 +138,7 @@
 #define STDC_HEADERS 1
 
 /* Most recent revision number in the version control system */
-#define VCS_REVISION "178"
+#define VCS_REVISION "179"
 
 /* Version number of package */
 #define VERSION "2.9"

diff --git a/configure b/configure
index 71163f695ad18dee0a8c8a1416c6aec39c239fb1..b40a1ad975094f0ec84b81c190f2f948cbf36e37 100755 (executable)
--- a/configure
+++ b/configure
@@ -2319,7 +2319,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
 ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 
-VCS_REVISION=178
+VCS_REVISION=179
 
 
 cat >>confdefs.h <<_ACEOF

diff --git a/configure.ac b/configure.ac
index 0e5c78f9390ec973e9b026a498ae002bd744f386..71872265c69a5eba8d6b09eeaf1ed2218d7b1372 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@ AC_PREREQ(2.57)
 
 dnl This is the one location where the authoritative version number is stored
 AC_INIT(shellinabox, 2.9, markus@shellinabox.com)
-VCS_REVISION=178
+VCS_REVISION=179
 AC_SUBST(VCS_REVISION)
 AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
                    [Most recent revision number in the version control system])

diff --git a/demo/vt100.js b/demo/vt100.js
index 54aef0dae192d6c200147d4f306f30c670b2e890..2841fcf444cbd6813738f195a44998c2559d7135 100644 (file)
--- a/demo/vt100.js
+++ b/demo/vt100.js
@@ -1901,7 +1901,7 @@ VT100.prototype.toggleBell = function() {
 };
 
 VT100.prototype.about = function() {
-  alert("VT100 Terminal Emulator " + "2.9 (revision 178)" +
+  alert("VT100 Terminal Emulator " + "2.9 (revision 179)" +
         "\nCopyright 2008-2009 by Markus Gutschke\n" +
         "For more information check http://shellinabox.com");
 };

diff --git a/shellinabox/launcher.c b/shellinabox/launcher.c
index 3bf3933134cf1965d1fb79e21f7bb131523654ad..06fcf9a2ed058ae29bd2f302acdf103e833a855a 100644 (file)
--- a/shellinabox/launcher.c
+++ b/shellinabox/launcher.c
@@ -407,16 +407,28 @@ int launchChild(int service, struct Session *session, const char *url) {
     return -1;
   }
 
+  char *u;
+  check(u              = strdup(url));
+  for (int i; u[i = strcspn(u, "\\\"'`${};() \r\n\t\v\f")]; ) {
+    static const char hex[] = "0123456789ABCDEF";
+    check(u            = realloc(u, strlen(u) + 4));
+    memmove(u + i + 3, u + i + 1, strlen(u + i));
+    u[i + 2]           = hex[ u[i]       & 0xF];
+    u[i + 1]           = hex[(u[i] >> 4) & 0xF];
+    u[i]               = '%';
+  }
+
   struct LaunchRequest *request;
-  size_t len           = sizeof(struct LaunchRequest) + strlen(url) + 1;
+  size_t len           = sizeof(struct LaunchRequest) + strlen(u) + 1;
   check(request        = calloc(len, 1));
   request->service     = service;
   request->width       = session->width;
   request->height      = session->height;
   strncat(request->peerName, httpGetPeerName(session->http),
           sizeof(request->peerName) - 1);
-  request->urlLength   = strlen(url);
-  memcpy(&request->url, url, request->urlLength);
+  request->urlLength   = strlen(u);
+  memcpy(&request->url, u, request->urlLength);
+  free(u);
   if (NOINTR(write(launcher, request, len)) != len) {
     free(request);
     return -1;

diff --git a/shellinabox/shell_in_a_box.js b/shellinabox/shell_in_a_box.js
index af87ad8dd8a57c08771c40bfb7294492af97b291..68b139b34f6fafb51c219cce729145d9eefe2117 100644 (file)
--- a/shellinabox/shell_in_a_box.js
+++ b/shellinabox/shell_in_a_box.js
@@ -358,7 +358,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
 };
 
 ShellInABox.prototype.about = function() {
-  alert("Shell In A Box version " + "2.9 (revision 178)" +
+  alert("Shell In A Box version " + "2.9 (revision 179)" +
         "\nCopyright 2008-2009 by Markus Gutschke\n" +
         "For more information check http://shellinabox.com" +
         (typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?

diff --git a/shellinabox/vt100.js b/shellinabox/vt100.js
index 54aef0dae192d6c200147d4f306f30c670b2e890..2841fcf444cbd6813738f195a44998c2559d7135 100644 (file)
--- a/shellinabox/vt100.js
+++ b/shellinabox/vt100.js
@@ -1901,7 +1901,7 @@ VT100.prototype.toggleBell = function() {
 };
 
 VT100.prototype.about = function() {
-  alert("VT100 Terminal Emulator " + "2.9 (revision 178)" +
+  alert("VT100 Terminal Emulator " + "2.9 (revision 179)" +
         "\nCopyright 2008-2009 by Markus Gutschke\n" +
         "For more information check http://shellinabox.com");
 };