From 18cc8e835b71e832d78c93bf97a6232a088747fb Mon Sep 17 00:00:00 2001
From: Jim Jagielski
Date: Mon, 26 Nov 2012 17:18:54 +0000
Subject: CVE-2012-3499 and CVE-2012-4558 Be sure to escape potential troubled strings
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1413732 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/proxy/mod_proxy_ftp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules/proxy/mod_proxy_ftp.c')
diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c
index 4b7fef2fb4..b6e9f821bd 100644
--- a/modules/proxy/mod_proxy_ftp.c
+++ b/modules/proxy/mod_proxy_ftp.c
@@ -530,7 +530,9 @@ static apr_status_t proxy_send_dir_filter(ap_filter_t *f,
 " \n" " \n

Directory of " "%s/%s",
- site, basedir, escpath, site, basedir, escpath, site, str);
+ ap_escape_html(p, site), basedir, escpath,
+ ap_escape_uri(p, site), basedir, escpath,
+ ap_escape_uri(p, site), str);
 APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(str, strlen(str), p, c->bucket_alloc));
-- 
cgit v1.2.3
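Review bot: `basedir`, `escpath` and `str` still go into the same `apr_psprintf()` call unescaped, and nothing in the hunk says where, or for which output context, they were encoded; only `site` is wrapped. The function body starts and ends outside the hunk, so this may already be handled earlier, but a comment above the argument list would make the contract auditable, e.g. `/* site: HTML-escaped for text, URI-escaped for href; basedir, escpath and str are already escaped above */`. The format string is only partly legible here, but the last `site` appears to land in the "Directory of" heading text rather than in a URL; if so, `ap_escape_html(p, site)` is the encoder that matches that context, and `ap_escape_uri()` would show a percent-encoded host to the user. The two identical `ap_escape_uri(p, site)` calls could also share one local.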