Quote HTML entities in s_server output

Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Rich Salz <rsalz@openssl.org> 2015-04-25 16:06:19 -0400
committer: Rich Salz <rsalz@openssl.org> 2015-04-25 16:06:19 -0400
commit: f92beb98de0c8fdbf18f29642264258cc2ff05e7 (patch)
tree: 0c39e8e7786d61b9d00cb1c19947dec01c277b62 /apps/s_server.c
parent: c6724060e267f55cb5c5088b771c9ded9af0e16b (diff)
download: openssl-new-f92beb98de0c8fdbf18f29642264258cc2ff05e7.tar.gz
1 files changed, 16 insertions, 1 deletions
diff --git a/apps/s_server.c b/apps/s_server.c
index 3644381ece..88309a6b9c 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2723,7 +2723,22 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
 /*                      BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
             BIO_puts(io, "\n");
             for (i = 0; i < local_argc; i++) {
-                BIO_puts(io, local_argv[i]);
+                const char *myp;
+                for (myp = local_argv[i]; *myp; myp++)
+                    switch (*myp) {
+                    case '<':
+                        BIO_puts(io, "&lt;");
+                        break;
+                    case '>':
+                        BIO_puts(io, "&gt;");
+                        break;
+                    case '&':
+                        BIO_puts(io, "&amp;");
+                        break;
+                    default:
+                        BIO_write(io, myp, 1);
+                        break;
+                    }
                 BIO_write(io, " ", 1);
             }
             BIO_puts(io, "\n");
author	Rich Salz <rsalz@openssl.org>	2015-04-25 16:06:19 -0400
committer	Rich Salz <rsalz@openssl.org>	2015-04-25 16:06:19 -0400
commit	f92beb98de0c8fdbf18f29642264258cc2ff05e7 (patch)
tree	0c39e8e7786d61b9d00cb1c19947dec01c277b62 /apps/s_server.c
parent	c6724060e267f55cb5c5088b771c9ded9af0e16b (diff)
download	openssl-new-f92beb98de0c8fdbf18f29642264258cc2ff05e7.tar.gz