From 18cc8e835b71e832d78c93bf97a6232a088747fb Mon Sep 17 00:00:00 2001
From: Jim Jagielski
Date: Mon, 26 Nov 2012 17:18:54 +0000
Subject: CVE-2012-3499 and CVE-2012-4558 Be sure to escape potential troubled strings
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1413732 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/generators/mod_info.c | 3 ++-
 modules/generators/mod_status.c | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
(limited to 'modules/generators')
diff --git a/modules/generators/mod_info.c b/modules/generators/mod_info.c
index 75c37782bc..2f2db9fa61 100644
--- a/modules/generators/mod_info.c
+++ b/modules/generators/mod_info.c
@@ -459,7 +459,8 @@ static int show_server_settings(request_rec * r)
 MODULE_MAGIC_NUMBER_MINOR);
 ap_rprintf(r, "
Hostname/port: " - "%s:%u
\n", ap_get_server_name(r), + "%s:%u\n", + ap_escape_html(r->pool, ap_get_server_name(r)), ap_get_server_port(r)); ap_rprintf(r, "
Timeouts: "
diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
index 8b39db43a9..54404e90bb 100644
--- a/modules/generators/mod_status.c
+++ b/modules/generators/mod_status.c
@@ -400,7 +400,8 @@ static int status_handler(request_rec *r)
 "Apache Status\n" "\n" "
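Review bot: Neither call site records why `ap_get_server_name(r)` has to be escaped, so a later edit or a new handler that prints the name into HTML can easily reintroduce the problem. Depending on the `UseCanonicalName` setting, the returned name can be taken from the request's Host header rather than from configuration, which makes it request-derived text in an HTML context. I would add a short comment above the `ap_escape_html(r->pool, ap_get_server_name(r))` line in `show_server_settings` and above the matching line in the `status_handler` hunk of mod_status.c, for example `/* server name may come from the client's Host header; escape before writing HTML */`. Both functions continue outside their hunks, so any other request-derived strings they emit are not visible here and are worth checking against the same two CVEs.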

Apache Server Status for ", r); - ap_rvputs(r, ap_get_server_name(r), " (via ", r->connection->local_ip, + ap_rvputs(r, ap_escape_html(r->pool, ap_get_server_name(r)), + " (via ", r->connection->local_ip, ")

\n\n", NULL); ap_rvputs(r, "
Server Version: ", ap_get_server_description(), "
\n", NULL); -- cgit v1.2.1