X-Git-Url: http://www.privoxy.org/gitweb/show-status?a=blobdiff_plain;f=cgi.c;h=d60166f224a94a9f91513e8f06caccae32ec0ebf;hb=87253c999d5628a6e9287bb0cc613d7b44bcec09;hp=cb1f07258f7741b896478e5ee6a69d2cf21a9bf9;hpb=10fc609bee8f3c6832d9107e01f59386febe341a;p=privoxy.git diff --git a/cgi.c b/cgi.c index cb1f0725..d60166f2 100644 --- a/cgi.c +++ b/cgi.c @@ -7,7 +7,7 @@ * This only contains the framework functions, the * actual handler functions are declared elsewhere. * - * Copyright : Written by and Copyright (C) 2001-2020 + * Copyright : Written by and Copyright (C) 2001-2021 * members of the Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -1199,7 +1199,8 @@ jb_err cgi_error_no_template(const struct client_state *csp, ").

\n" "\n" "\n"; - const size_t body_size = strlen(body_prefix) + strlen(template_name) + strlen(body_suffix) + 1; + size_t body_size = strlen(body_prefix) + strlen(body_suffix) + 1; + const char *encoded_template_name; assert(csp); assert(rsp); @@ -1213,9 +1214,17 @@ jb_err cgi_error_no_template(const struct client_state *csp, rsp->head_length = 0; rsp->is_static = 0; + encoded_template_name = html_encode(template_name); + if (encoded_template_name == NULL) + { + return JB_ERR_MEMORY; + } + + body_size += strlen(encoded_template_name); rsp->body = malloc_or_die(body_size); strlcpy(rsp->body, body_prefix, body_size); - strlcat(rsp->body, template_name, body_size); + strlcat(rsp->body, encoded_template_name, body_size); + freez(encoded_template_name); strlcat(rsp->body, body_suffix, body_size); rsp->status = strdup(status); @@ -2014,7 +2023,7 @@ jb_err template_fill(char **template_ptr, const struct map *exports) char buf[BUFFER_SIZE]; char *tmp_out_buffer; char *file_buffer; - size_t size; + size_t buffer_size, new_size; int error; const char *flags; @@ -2023,7 +2032,7 @@ jb_err template_fill(char **template_ptr, const struct map *exports) assert(exports); file_buffer = *template_ptr; - size = strlen(file_buffer) + 1; + buffer_size = strlen(file_buffer) + 1; /* * Assemble pcrs joblist from exports map @@ -2073,7 +2082,10 @@ jb_err template_fill(char **template_ptr, const struct map *exports) } else { - error = pcrs_execute(job, file_buffer, size, &tmp_out_buffer, &size); + error = pcrs_execute(job, file_buffer, buffer_size, &tmp_out_buffer, + &new_size); + + buffer_size = new_size; pcrs_free_job(job); if (NULL == tmp_out_buffer)