author | Damien Miller <djm@cvs.openbsd.org> | 2006-09-26 03:26:37 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2006-09-26 03:26:37 +0000 |
commit | 690ab42198d83d2736fc76f044bc4c0e34f182e0 (patch) | |
tree | d5ba16b5cc33af74508543677c6a46e9607f5610 | |
parent | e212147b9787cb7efe944103b8a390709a6badbe (diff) |
escape error response to unsupported Expect: header, fixes
CVE-2006-3918; ok cloder@
-rw-r--r-- | usr.sbin/httpd/src/main/http_protocol.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.sbin/httpd/src/main/http_protocol.c b/usr.sbin/httpd/src/main/http_protocol.c
index 7cb0c6683e4..feac8582635 100644
--- a/usr.sbin/httpd/src/main/http_protocol.c
+++ b/usr.sbin/httpd/src/main/http_protocol.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: http_protocol.c,v 1.30 2006/02/11 19:15:57 otto Exp $ */
+/* $OpenBSD: http_protocol.c,v 1.31 2006/09/26 03:26:36 djm Exp $ */
 /* ====================================================================
 * The Apache Software License, Version 1.1
 *
@@ -2922,7 +2922,8 @@ API_EXPORT(void) ap_send_error_response(request_rec *r, int recursive_error)
 ap_rvputs(r, "The expectation given in the Expect request-header"
 "\nfield could not be met by this server.<P>\n"
 "The client sent<PRE>\n Expect: ",
- ap_table_get(r->headers_in, "Expect"), "\n</PRE>\n"
+ ap_escape_html(r->pool, ap_table_get(r->headers_in,
+ "Expect")), "\n</PRE>\n"
 "but we only allow the 100-continue expectation.\n",
 NULL);
 break; |
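Review bot: The value escaped on the `+` lines comes straight from `ap_table_get(r->headers_in, "Expect")`, which returns NULL when the header is absent, and if this tree's `ap_escape_html` walks its argument without a NULL check (its body is not visible here) that becomes a NULL dereference, whereas the old code's NULL would merely have ended the `ap_rvputs` argument list early. Whether this `HTTP_EXPECTATION_FAILED` branch can be entered without an Expect header depends on callers outside the hunk, so a guard is cheap insurance: `const char *expect = ap_table_get(r->headers_in, "Expect");` before the call and `expect ? ap_escape_html(r->pool, expect) : ""` in place of the nested call. The escaping itself is the right fix, since the header value is client-controlled and is written into an HTML body; any other case in this switch that echoes request-supplied data is outside the hunk and deserves the same treatment. `ap_send_error_response` starts and ends outside the hunk.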