Changeset 28899 for main/trunk

Timestamp:

2014-03-14T22:46:25+13:00 (10 years ago)

Author:

ak19

Message:

Third commit for security, for ensuring cgiargs macros are websafe. This time all the changes to the runtime action classes.

Location:

main/trunk/greenstone2/runtime-src/src/recpt

Files:

• authenaction.cpp (modified) (2 diffs)
• basequeryaction.cpp (modified) (1 diff)
• depositoraction.cpp (modified) (2 diffs)
• documentaction.cpp (modified) (8 diffs)
• dynamicclassifieraction.cpp (modified) (1 diff)
• gtiaction.cpp (modified) (3 diffs)
• pageaction.cpp (modified) (4 diffs)
• pageaction.h (modified) (1 diff)
• phindaction.cpp (modified) (15 diffs)
• phindaction.h (modified) (1 diff)
• pingaction.cpp (modified) (1 diff)
• queryaction.cpp (modified) (1 diff)
• receptionist.cpp (modified) (1 diff)
• rssaction.cpp (modified) (2 diffs)
• securitytools.cpp (modified) (4 diffs)
• securitytools.h (modified) (2 diffs)
• sqlqueryaction.cpp (modified) (1 diff)
• statusaction.cpp (modified) (5 diffs)
• usersaction.cpp (modified) (1 diff)

main/trunk/greenstone2/runtime-src/src/recpt/authenaction.cpp

@@ -308 +308 @@
   //      _authen:hiddenargs_   to contain all the arguments that were
   //                            explicitly set
-  disp.setmacro ("messagestatus", "authen", ("_authen:message" + args["us"]
+  disp.setmacro ("messagestatus", "authen", ("_authen:message" + encodeForHTML(args["us"])
                          + "_"));
   // change style of header and footer if page is a frame
@@ -339 +339 @@
     saveconfset.find((*args_here).first) == saveconfset.end()) {
       hiddenargs += "<input type=hidden name=\"" + (*args_here).first +
-    "\" value=\"_cgiarg" + (*args_here).first + "_\">\n";
+    "\" value=\"_cgiarg" + (*args_here).first + "Attrsafe_\">\n";
     }
     ++args_here;

main/trunk/greenstone2/runtime-src/src/recpt/basequeryaction.cpp

@@ -796 +796 @@
     textout << outconvert << disp 
         << "Location: _gwcgi_?e=_compressedoptions_&a=d&c=" 
-        << collection << "&cl=search&d=" << (*section).OID 
+        << encodeForURL(collection) << "&cl=search&d=" << (*section).OID
         << "&srn=" << srn << "&srp=" << srp << "\n\n";
     textout << flush;

main/trunk/greenstone2/runtime-src/src/recpt/depositoraction.cpp

@@ -707 +707 @@
   if ((depositor_page == "select") || (stepstring == "step")) {
           textout << outconvert << disp << ("_depositor:header_\n")
-          << ("_depositor:" + depositor_page + "content_\n")
+          << ("_depositor:" + encodeForHTML(depositor_page) + "content_\n")
           << ("_depositor:footer_\n");
       
@@ -771 +771 @@
       // output page ("bild" page was already output above)
       textout << outconvert << disp << ("_depositor:header_\n")
-          << ("_depositor:" + depositor_page + "content_\n")
+          << ("_depositor:" + encodeForHTML(depositor_page) + "content_\n")
           << ("_depositor:footer_\n");
     }

main/trunk/greenstone2/runtime-src/src/recpt/documentaction.cpp

@@ -607 +607 @@
       outlink = "_httpdocument_&d=" + response.docInfo[0].metadata["section"].values[0];
 #else
-      outlink = "_httpdocumenthandle_("+args["c"]+","+response.docInfo[0].metadata["section"].values[0]+")";
+      outlink = "_httpdocumenthandle_("+encodeForURL(args["c"])+","+response.docInfo[0].metadata["section"].values[0]+")";
 #endif
 
@@ -1066 +1066 @@
 #ifndef DOCHANDLE
         << "<frame name=\"documenttop\" frameborder=0 src=\"_gwcgi_?_optsite_e=_compressedoptions_&a=d&d=" 
-        << args["d"] << "\">"
+        << encodeForURL(args["d"]) << "\">"
 #else
         << "<frame name=\"documenttop\" frameborder=0 src=\"_httpdocumenthandle_(" 
-        << args["c"] << "," << args["d"] << ")\">"
+        << encodeForURL(args["c"]) << "," << encodeForURL(args["d"]) << ")\">"
 #endif
         << "<noframes>\n"
@@ -1143 +1143 @@
             #ifndef DOCHANDLE
                 << "<frame name=\"documenttop\" frameborder=0 src=\"_gwcgi_?_optsite_e=_compressedoptions_&a=d&d=" 
-                << args["d"] << "\">"
+                << encodeForURL(args["d"]) << "\">"
             #else
                 << "<frame name=\"documenttop\" frameborder=0 src=\"_httpdocumenthandle_(" 
-                << args["c"] << "," << args["d"] << ")\">"
+                << encodeForURL(args["c"]) << "," << encodeForURL(args["d"]) << ")\">"
             #endif
                 << "<noframes>\n"
@@ -1462 +1462 @@
                 logout << text_t2ascii
                     << "documentaction::output_document: call to QueryFilter failed "
-                    << "for " << args["c"] << " collection (" << get_comerror_string (err) << ")\n";
+                    << "for " << args["c"] << " collection (" << get_comerror_string (err) << ")\n";
                 highlight = false;
             } 
@@ -1645 +1645 @@
   if (haschildren) {
 #ifndef DOCHANLE
-    disp.setmacro ("httpnextarrow", "document", "_httpdocument_&amp;cl=" + args["cl"] +
-           "&amp;d=" + arg_d + ".fc");
+    disp.setmacro ("httpnextarrow", "document", "_httpdocument_&amp;cl=" + encodeForURL(args["cl"]) +
+           "&amp;d=" + encodeForURL(arg_d) + ".fc");
 #else
-    disp.setmacro ("httpnextarrow", "document", "_httpdocumenthandle_("+args["c"]+","+arg_d + ".fc)";
+    disp.setmacro ("httpnextarrow", "document", "_httpdocumenthandle_("+encodeForURL(args["c"])+","+encodeForURL(arg_d) + ".fc)";
 
 #endif
@@ -1658 +1658 @@
       if (!(*h).empty()) {
 #ifndef DOCHANLE
-    disp.setmacro ("httpnextarrow", "document", "_httpdocument_&amp;cl=" + args["cl"] +
+    disp.setmacro ("httpnextarrow", "document", "_httpdocument_&amp;cl=" + encodeForURL(args["cl"]) +
                "&amp;d=" + *h);
 #else
-    disp.setmacro ("httpnextarrow", "document", "_httpdocumenthandle_("+args["c"]+","+*h+")";
+    disp.setmacro ("httpnextarrow", "document", "_httpdocumenthandle_("+encodeForURL(args["c"])+","+*h+")";
 
 #endif
@@ -1674 +1674 @@
   if (!previous_sibling.empty()) {
 #ifndef DOCHANDLE
-    disp.setmacro ("httpprevarrow", "document", "_httpdocument_&amp;cl=" + args["cl"] +
+    disp.setmacro ("httpprevarrow", "document", "_httpdocument_&amp;cl=" + encodeForURL(args["cl"]) +
            "&amp;d=" + previous_sibling);
 #else
-    disp.setmacro ("httpprevarrow", "document", "_httpdocumenthandle_("+args["c"]+","+ previous_sibling+")");
+    disp.setmacro ("httpprevarrow", "document", "_httpdocumenthandle_("+encodeForURL(args["c"])+","+ previous_sibling+")");
 
 #endif
@@ -1684 +1684 @@
     if (countchar(arg_d.begin(), arg_d.end(), '.')) {
 #ifndef DOCHANDLE
-      disp.setmacro ("httpprevarrow", "document", "_httpdocument_&amp;cl=" + args["cl"] +
+      disp.setmacro ("httpprevarrow", "document", "_httpdocument_&amp;cl=" + encodeForURL(args["cl"]) +
              "&amp;d=" + get_parent(arg_d));
 #else
-      disp.setmacro ("httpprevarrow", "document", "_httpdocumenthandle_("+args["c"]+","+get_parent(arg_d)+")");
+      disp.setmacro ("httpprevarrow", "document", "_httpdocumenthandle_("+encodeForURL(args["c"])+","+get_parent(arg_d)+")");
 
 #endif

main/trunk/greenstone2/runtime-src/src/recpt/dynamicclassifieraction.cpp

@@ -151 +151 @@
   if (cinfo->dynamic_classifiers.find(arg_dcl) == cinfo->dynamic_classifiers.end())
   {
-    textout << outconvert << disp << "Error: Invalid dcl value \"" << arg_dcl << "\".\n";
+    textout << outconvert << disp << "Error: Invalid dcl value \"" << encodeForHTML(arg_dcl) << "\".\n";
     textout << outconvert << disp << "_dynamicclassifier:footer_\n";
     return true;

main/trunk/greenstone2/runtime-src/src/recpt/gtiaction.cpp

@@ -386 +386 @@
   languageinfo_tmap loaded_languages = recpt->get_configinfo().languages;
   disp.setmacro("gtitargetlanguagename", "gti", loaded_languages[target_language_code].longname);
-  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + translation_file_key + "_");
+  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + encodeForHTML(translation_file_key) + "_");
 
   if (query_string == "") {
@@ -496 +496 @@
     disp.setmacro("gtitargetfilepath", "gti", gti_response.translation_files_key_to_target_file_path_mapping[translation_file_key]);
   }
-  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + translation_file_key + "_");
-  disp.setmacro("gtiviewtranslationfileinaction", "gti", "_gti:gtiview" + translation_file_key + "inaction_");
+  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + encodeForHTML(translation_file_key) + "_");
+  disp.setmacro("gtiviewtranslationfileinaction", "gti", "_gti:gtiview" + encodeForHTML(translation_file_key) + "inaction_");
 
   disp.setmacro("gtinumchunkstranslated", "gti", gti_response.translation_files_key_to_num_chunks_translated_mapping[translation_file_key]);
@@ -660 +660 @@
  do_gti_request(gti_arguments, logout); 
 
- disp.setmacro("gtiglihelpzipfilepath", "gti", target_language_code + "_GLIHelp.zip");
+ disp.setmacro("gtiglihelpzipfilepath", "gti", encodeForURL(target_language_code) + "_GLIHelp.zip");
 
  return true;

main/trunk/greenstone2/runtime-src/src/recpt/pageaction.cpp

@@ -212 +212 @@
           
           text_t link = "_gwcgi_?"+optsite+"a=p&p=about&c=" + *collist_here;
-          link += "&l=" + args["l"] + "&w=" + args["w"];
+          link += "&l=" + encodeForURL(args["l"]) + "&w=" + encodeForURL(args["w"]);
 
           // We are "dynamically" overriding so to speak the
@@ -335 +335 @@
           if (cinfo->isCollectGroup) {
         link = "<a class=\"collectiontitle\" href=\"_gwcgi_?"+optsite+"a=p&amp;p=home&amp;g=" + *collist_here;
-        link += "&amp;l=" + args["l"] + "&amp;w=" + args["w"] + "\">";
+        link += "&amp;l=" + encodeForURL(args["l"]) + "&amp;w=" + encodeForURL(args["w"]) + "\">";
           }
           else {
         link = "<a class=\"collectiontitle\" href=\"_gwcgi_?"+optsite+"a=p&amp;p=about&amp;c=" + *collist_here;
-        link += "&amp;l=" + args["l"] + "&amp;w=" + args["w"] + "\">";
+        link += "&amp;l=" + encodeForURL(args["l"]) + "&amp;w=" + encodeForURL(args["w"]) + "\">";
           }
           
@@ -515 +515 @@
 
 void pageaction::set_macro_to_file_contents (displayclass &disp, const text_t &macroname,
-                         const text_t &packagename, const text_t &filename) {
+                         const text_t &packagename, const text_t &filename, bool encode) {
 
   text_t filecontent;
@@ -531 +531 @@
     file_in.close();
   }
+
+  // if we ever need to encode the contents into HTML, call this function with encode=true
+  if(encode) {
+    filecontent = encodeForHTML(filecontent);
+  }
+
   disp.setmacro (macroname, packagename, dm_safe(filecontent));
 }

main/trunk/greenstone2/runtime-src/src/recpt/pageaction.h

@@ -85 +85 @@
 
   void set_macro_to_file_contents (displayclass &disp, const text_t &macroname,
-                   const text_t &packagename, const text_t &filename);
+                   const text_t &packagename, const text_t &filename, bool encode=false);
 
   void set_language_encoding_macros(displayclass &disp, cgiargsclass &args,

main/trunk/greenstone2/runtime-src/src/recpt/phindaction.cpp

@@ -152 +152 @@
 
   unsigned long count_l, count_e, count_d;
-  unsigned long phrase = args["ppnum"].getulong();
+  unsigned long phrase = args["ppnum"].getulong(); // needn't encodeFor<web> on vars which have getulong() applied
   text_t &word = args["pptext"];
   unsigned long first_e = args["pfe"].getulong();
@@ -208 +208 @@
     
     if (result.empty()) {
-      output_error("phindaction: The search term ("+word+") does not occur in the collection",
+      output_error("phindaction: The search term ("+encodeForHTML(word)+") does not occur in the collection",
            textout, outconvert, disp, logout, XMLmode);
       return true;
@@ -255 +255 @@
   if (XMLmode) {
     textout << "<phinddata id=\"" << phrase 
-        << "\" text=\"" << word 
+        << "\" text=\"" << encodeForHTMLAttr(word) 
         << "\" tf=\"" << tf 
         << "\" ef=\"" << ef 
@@ -262 +262 @@
         << "\">\n";
   } else {
-    textout << "<html><head><title>" << word << "</title></head>\n"
+    textout << "<html><head><title>" << encodeForHTML(word) << "</title></head>\n"
         << "<body><center>\n"
-        << "<p><h1>" << word << "</h1>\n"
-        << "<p><b>"<< word << "</b> occurs " 
+        << "<p><h1>" << encodeForHTML(word) << "</h1>\n"
+        << "<p><b>"<< encodeForHTML(word) << "</b> occurs " 
         << tf << " times in " << df << " documents\n";
   }
@@ -316 +316 @@
       textout << outconvert << disp 
           << "<br><a href=\"_gwcgi_?"
-          << "c=" << args["c"]
+          << "c=" << encodeForURL(args["c"])
           << "&ppnum=" << phrase 
           << "&pfe=" << first_e 
@@ -328 +328 @@
     textout << outconvert << disp
         << "<br><a href=\"_gwcgi_?"
-        << "c=" << args["c"]
+        << "c=" << encodeForURL(args["c"])
         << "&ppnum=" << phrase 
         << "&pfe=" << first_e 
@@ -379 +379 @@
       textout << outconvert << disp 
           << "<br><a href=\"_gwcgi_?"
-          << "c=" << args["c"]
+          << "c=" << encodeForURL(args["c"])
           << "&ppnum=" << phrase 
           << "&pfe=" << first_e 
@@ -391 +391 @@
     textout << outconvert << disp
         << "<br><a href=\"_gwcgi_?"
-        << "c=" << args["c"]
+        << "c=" << encodeForURL(args["c"])
         << "&ppnum=" << phrase 
         << "&pfe=" << first_e 
@@ -453 +453 @@
       textout << outconvert << disp
           << "<br><a href=\"_gwcgi_?"
-          << "c=" << args["c"]
+          << "c=" << encodeForURL(args["c"])
           << "&ppnum=" << phrase 
           << "&pfe=" << first_e 
@@ -465 +465 @@
     textout << outconvert << disp 
         << "<br><a href=\"_gwcgi_?"
-        << "c=" << args["c"]
+        << "c=" << encodeForURL(args["c"])
         << "&ppnum=" << phrase 
         << "&pfe=" << first_e 
@@ -742 +742 @@
       textout << "<tr valign=top><td>" << type << "</td><td>";
       textout << outconvert << disp
-          << "<a href=\"_gwcgi_?c=" << collection;
+          << "<a href=\"_gwcgi_?c=" << encodeForURL(collection);
       textout << "&ppnum=" << phrase << "\">" << text << "</a>"
           << "</td><td>" << tf << "</td><td>" << df << "</td></tr>\n";
@@ -847 +847 @@
           << "\" df=\"" << df;
       if (!prefix.empty()) {
-    textout << "\" prefix=\"" << prefix;
+    text_t prefix_txt; 
+    fromUCArray(prefix, prefix_txt);
+    textout << "\" prefix=\"" << encodeForHTMLAttr(prefix_txt);
       }
       if (!suffix.empty()) {
-    textout << "\" suffix=\"" << suffix;
+    text_t suffix_txt; 
+    fromUCArray(suffix, suffix_txt);
+    textout << "\" suffix=\"" << encodeForHTMLAttr(suffix_txt);
       }
       textout << "\"/>\n";
@@ -856 +860 @@
       textout << outconvert << disp 
           << "<tr valign=top><td align=right><a href=\"_gwcgi_?"
-          << "c=" << collection << "&ppnum=" << phrase << "\">";
+          << "c=" << encodeForURL(collection) << "&ppnum=" << phrase << "\">";
       textout << prefix << "</a></td>";
       textout <<outconvert << disp
           << "<td align=center><a href=\"_gwcgi_?"
-          << "c=" << collection << "&ppnum=" << phrase << "\">"
-          << body << "</a></td>"
+          << "c=" << encodeForURL(collection) << "&ppnum=" << phrase << "\">"
+          << encodeForHTML(body) << "</a></td>"
           << "<td align=left><a href=\"_gwcgi_?"
-          << "c=" << collection << "&ppnum=" << phrase << "\">";
+          << "c=" << encodeForURL(collection) << "&ppnum=" << phrase << "\">";
       textout << suffix << "</a></td>"
           << "<td>" << tf << "</td><td>" << df << "</td></tr>\n";
@@ -986 +990 @@
       textout << outconvert << disp
           << "<tr valign=top><td><a href=\"_gwcgi_?"
-          << "c=" << collection;
+          << "c=" << encodeForURL(collection);
       textout << "&a=d&d=" << hash << "\">" << title << "</a>"
           << "</td><td>" << freq << "</td></tr>\n"; 
@@ -1057 +1061 @@
 }
 
+void phindaction::fromUCArray(const UCArray &arrin, text_t &txtout) {
+  txtout.clear();
+  if (txtout.capacity() < arrin.size() + 1) {
+    txtout.reserve(arrin.size() + 1);
+  }
+  vector<unsigned char>::const_iterator here = arrin.begin();
+  vector<unsigned char>::const_iterator end = arrin.end();
+  while (here != end) {
+    txtout.push_back(*here); // don't need to cast unsigned char to unsigned short
+    ++here;
+  }
+}
+
+
 void phindaction::output_error (const text_t &message, ostream &textout, 
                 outconvertclass &outconvert,

main/trunk/greenstone2/runtime-src/src/recpt/phindaction.h

@@ -93 +93 @@
 
   void toUCArray(const text_t &in, UCArray &out);
+  void fromUCArray(const UCArray &arrin, text_t &txtout);
 
   void output_error (const text_t &message, ostream &textout, 

main/trunk/greenstone2/runtime-src/src/recpt/pingaction.cpp

@@ -76 +76 @@
     textout << outconvert << "Ping";
   } else {
-    textout << outconvert << "Ping for \"" << args["c"] << "\"";
+        textout << outconvert << "Ping for \"" << encodeForHTML(args["c"]) << "\"";
   }
 

main/trunk/greenstone2/runtime-src/src/recpt/queryaction.cpp

@@ -747 +747 @@
       << "<input type=\"hidden\" name=\"ccp\" value=\"1\">\n"
       << "<center><table width=\"_pagewidth_\"><tr valign=\"top\">\n"
-      << "<td>Select collections to search for \"" << args["q"] 
-      << "\" <i>(index=" << index << " subcollection=" << subcollection
-      << " language=" << language << ")</i></td>\n"
+      << "<td>Select collections to search for \"" << encodeForHTML(args["q"])
+      << "\" <i>(index=" << encodeForHTML(index) << " subcollection=" << encodeForHTML(subcollection)
+      << " language=" << encodeForHTML(language) << ")</i></td>\n"
       << "<td><input type=\"submit\" value=\"_query:textbeginsearch_\"></td>\n"
       << "</tr></table></center>\n"

main/trunk/greenstone2/runtime-src/src/recpt/receptionist.cpp

@@ -1533 +1533 @@
     text_t urlsafe = encodeForURL(macrovalue);
     text_t jssafe = encodeForJavascript(macrovalue); // with default setting will return \\x and \\u for macro files
-    text_t csssafe = encodeForCSS(macrovalue);
+    text_t csssafe = encodeForCSS(macrovalue); // not yet used anywhere, but is available for use in macros
+    text_t sqlsafe = encodeForSQL(macrovalue);
 
     disp.setmacro ("cgiarg" + (*argshere).first + "Htmlsafe", displayclass::defaultpackage, htmlsafe);    
     disp.setmacro ("cgiarg" + (*argshere).first + "Attrsafe", displayclass::defaultpackage, attrsafe);
+    disp.setmacro ("cgiarg" + (*argshere).first + "Urlsafe", displayclass::defaultpackage, urlsafe);
     disp.setmacro ("cgiarg" + (*argshere).first + "Jssafe", displayclass::defaultpackage, jssafe);
     disp.setmacro ("cgiarg" + (*argshere).first + "Csssafe", displayclass::defaultpackage, csssafe);
-    disp.setmacro ("cgiarg" + (*argshere).first + "Urlsafe", displayclass::defaultpackage, urlsafe);
+    disp.setmacro ("cgiarg" + (*argshere).first + "Sqlsafe", displayclass::defaultpackage, sqlsafe);
     
 

main/trunk/greenstone2/runtime-src/src/recpt/rssaction.cpp

@@ -70 +70 @@
       << "  <link>_httpdomain__httppageabout_</link>\n"
       << "  <description>_collectionextra_</description>\n"
-      << "  <language>_cgiargl_</language>\n"
+      << "  <language>_cgiarglHtmlsafe_</language>\n"
       << "  <pubDate>Thu, 23 Aug 1999 07:00:00 GMT</pubDate>\n"
       << "  <lastBuildDate>Thu, 23 Aug 1999 16:20:26 GMT</lastBuildDate>\n"
@@ -122 +122 @@
   // If ever adding a custom macro file like rss.dm that mentions the package, need to list rss.dm in etc/main.cfg
 
-  if(disp.havemacro("Global", "httpdomain") == 0) { // if using rss package, willcheck rss and Global packages in order. And if not found:
+  if(disp.havemacro("Global", "httpdomain") == 0) { // if using rss package, will check rss and Global packages in order. And if not found:
     
     if(!args["hostname"].empty()) {
-      disp.setmacro("httpdomain", "Global", "http://" + args["hostname"]);
+      disp.setmacro("httpdomain", "Global", "http://" + encodeForURL(args["hostname"]));
     } 
     else { // we shouldn't have to get here

main/trunk/greenstone2/runtime-src/src/recpt/securitytools.cpp

@@ -136 +136 @@
 }
 
-
-text_t encodeForMySQL(const text_t& in, const text_t& immuneChars, const SQLMode mode) {
-  text_t out;
-  text_t::const_iterator here = in.begin();
-  text_t::const_iterator end = in.end();
-  while (here != end) {
-    out += encodeForMySQL(immuneChars, *here, mode); // IMMUNE_SQL and STANDARD SQLMode by default
+text_t encodeForSQL(const text_t& in, const text_t& immuneChars, const SQLMode mode) {
+  text_t out;
+  text_t::const_iterator here = in.begin();
+  text_t::const_iterator end = in.end();
+  while (here != end) {
+    out += encodeForSQL(immuneChars, *here, mode); // IMMUNE_SQL and STANDARD SQLMode by default
     ++here;
   }
@@ -320 +319 @@
 
 /* 
+
+ C++ port of OWASP-ESAPI for MySQL. Not sure if this is is the same for SQLite
+
 http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/main/java/org/owasp/esapi/codecs/MySQLCodec.java
  Defense Option 3 of https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet
@@ -335 +337 @@
 
 */
-text_t encodeForMySQL(const text_t& immuneChars, const unsigned short in, const SQLMode mode) {
+text_t encodeForSQL(const text_t& immuneChars, const unsigned short in, const SQLMode mode) {
   
   text_t result = "";
@@ -392 +394 @@
 }
 
+// Unused at present.
 // See Codec.hex[] initialization and Codec.getHexForNonAlphanumeric(c) and Codec.toHex(c)
 // http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/main/java/org/owasp/esapi/codecs/Codec.java

main/trunk/greenstone2/runtime-src/src/recpt/securitytools.h

@@ -28 +28 @@
 text_t encodeForHTMLAttr(const text_t& input, const text_t& immuneChars=IMMUNE_HTMLATTR);
 text_t encodeForCSS(const text_t& input, const text_t& immuneChars=IMMUNE_CSS);
-text_t encodeForMySQL(const text_t& input, const text_t& immuneChars=IMMUNE_SQL, const SQLMode mode=STANDARD);
+// C++ port of OWASP-ESAPI for MySQL, not sure if this is is the same for SQLite
+text_t encodeForSQL(const text_t& input, const text_t& immuneChars=IMMUNE_SQL, const SQLMode mode=STANDARD);
 
 // Character conversions
@@ -35 +36 @@
 text_t encodeForJavascript(const text_t& immuneChars, const unsigned short input, bool dmsafe);
 text_t encodeForCSS(const text_t& immuneChars, const unsigned short input);
-text_t encodeForMySQL(const text_t& immuneChars, const unsigned short input, const SQLMode mode);
+text_t encodeForSQL(const text_t& immuneChars, const unsigned short input, const SQLMode mode);
 
 

main/trunk/greenstone2/runtime-src/src/recpt/sqlqueryaction.cpp

@@ -270 +270 @@
   if (args["qt"]=="0" && args["sqlqto"] != "1") { // normal text search
     unsafe_cgi_arg("ALL", args["q"]);
-    formattedstring = "SELECT DISTINCT docOID FROM document_metadata WHERE " + args["q"];    
+    formattedstring = "SELECT DISTINCT docOID FROM document_metadata WHERE " + encodeForSQL(args["q"]);    
   }
   else if (args["qt"]=="1" || args["sqlqto"]=="1"){ // form search

main/trunk/greenstone2/runtime-src/src/recpt/statusaction.cpp

@@ -353 +353 @@
     arg_value = args.getarg (ainfo.shortname);
     if (arg_value == NULL) textout << outconvert << "<td></td></tr>\n";
-    else textout << outconvert << "<td>\"" << *arg_value << "\"</td></tr>\n";
+    else textout << outconvert << "<td>\"" << encodeForHTML(*arg_value) << "\"</td></tr>\n";
     
     ++argsinfohere;
@@ -547 +547 @@
   
   if (rprotolist_here == rprotolist_end) {
-    textout << outconvert << "Protocol \"" << arg_pr << "\" with collection \""
-        << arg_c << "\" was not found\n";
+    textout << outconvert << "Protocol \"" << encodeForHTML(arg_pr) << "\" with collection \""
+        << encodeForHTML(arg_c) << "\" was not found\n";
 
   } else {
@@ -819 +819 @@
     text_t errorpage = "<p><pre>\n";
 
+    text_t errorpage_content;
     char c;
     errin.get(c);
     while (!errin.eof ()) {
-      errorpage.push_back(c);
+      errorpage_content.push_back(c);
       errin.get(c);
     }
-    
+    // need to ensure that error_log displayed from Admin pages is encoded/safe for an HTML context
+    errorpage += encodeForHTML(errorpage_content);
+
     errorpage += "</pre>\n";
     errin.close();
@@ -849 +852 @@
   text_t llssite_cfg = filename_cat (gsdlhome, "llssite.cfg");
 #else
-  text_t llssite_cfg = "llssite.cfg";
+  text_t llssite_cfg = filename_cat (gsdlhome, "llssite.cfg"); //"llssite.cfg";
 #endif
 
@@ -1138 +1141 @@
   else {
     output_errorpage (outconvert, textout, logout, 
-              "Unknown page \"" + arg_p + "\".\n");
+              "Unknown page \"" + encodeForHTML(arg_p) + "\".\n");
   }
 

main/trunk/greenstone2/runtime-src/src/recpt/usersaction.cpp

@@ -235 +235 @@
     if (user_database->get_user_info(*users_here, userinfo) == ERRNO_SUCCEED) {
       textout << outconvert << disp
-          << "<tr><td bgcolor=\"\\#eeeeee\">" << userinfo.username << "</td>\n"
+          << "<tr><td bgcolor=\"\\#eeeeee\">" << encodeForHTML(userinfo.username) << "</td>\n"
               << "<td bgcolor=\"\\#eeeeee\">" << (char *) (userinfo.enabled ? "enabled" : "disabled") << "</td>\n"
-          << "<td bgcolor=\"\\#eeeeee\">" << userinfo.groups << "&nbsp;</td>\n"
-          << "<td bgcolor=\"\\#eeeeee\">" << userinfo.comment << "&nbsp;</td>\n"
+          << "<td bgcolor=\"\\#eeeeee\">" << encodeForHTML(userinfo.groups) << "&nbsp;</td>\n"
+          << "<td bgcolor=\"\\#eeeeee\">" << encodeForHTML(userinfo.comment) << "&nbsp;</td>\n"
           << "<td><a href=\"_httpcurrentdocument_&a=um&uma=edituser&umun="
-          << userinfo.username << "\">_userslistusers:textedituser_</a> "
+          << encodeForHTML(userinfo.username) << "\">_userslistusers:textedituser_</a> "
           << "<a href=\"_httpcurrentdocument_&a=um&uma=deleteuser&umun="
-          << userinfo.username << "\">_userslistusers:textdeleteuser_</a>"
+          << encodeForHTML(userinfo.username) << "\">_userslistusers:textdeleteuser_</a>"
           << "</td></tr>\n\n";