ports/85240: Ampersand problem in pwman
Maurice Castro
maurice at sphinx.clari.net.au
Tue Aug 23 04:50:30 UTC 2005
>Number: 85240
>Category: ports
>Synopsis: Ampersand problem in pwman
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Aug 23 04:50:29 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Maurice Castro
>Release: FreeBSD 5.4-RELEASE i386
>Organization:
>Environment:
System: FreeBSD sphinx.clari.net.au 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Mon Aug 15 14:39:49 EST 2005 maurice at sphinx.clari.net.au:/work/src/sys/i386/compile/sphinx i386
>Description:
pwman does not handle & correctly within passwords. After quitting the
program the ampersands are removed. An unofficial patch is available
from sourceforge
>How-To-Repeat:
>Fix:
Download http://sourceforge.net/tracker/download.php?group_id=50130&atid=458675&file_id=124842&aid=1159935 and save as files/patch-aa add 'src/' to the
front of the filenames to allow it to automatically patch
--- src/pwlist.c.old 2005-03-09 16:07:07.000000000 +0000
+++ src/pwlist.c 2005-03-09 16:06:37.000000000 +0000
@@ -272,13 +272,32 @@
write_password_node(xmlNodePtr root, Pw* pw)
{
xmlNodePtr node;
+ xmlChar *escaped;
+
+ // Take the inbound strings. Treat as an xmlChar, and escape
+ // Need to free the result of escape every time
node = xmlNewChild(root, NULL, (xmlChar*)"PwItem", NULL);
- xmlNewChild(node, NULL, (xmlChar*)"name", (xmlChar*)pw->name);
- xmlNewChild(node, NULL, (xmlChar*)"host", (xmlChar*)pw->host);
- xmlNewChild(node, NULL, (xmlChar*)"user", (xmlChar*)pw->user);
- xmlNewChild(node, NULL, (xmlChar*)"passwd", (xmlChar*)pw->passwd);
- xmlNewChild(node, NULL, (xmlChar*)"launch", (xmlChar*)pw->launch);
+
+ escaped = xmlEncodeSpecialChars(root, (xmlChar*)pw->name);
+ xmlNewChild(node, NULL, (xmlChar*)"name", escaped);
+ xmlFree(escaped);
+
+ escaped = xmlEncodeSpecialChars(root, (xmlChar*)pw->host);
+ xmlNewChild(node, NULL, (xmlChar*)"host", escaped);
+ xmlFree(escaped);
+
+ escaped = xmlEncodeSpecialChars(root, (xmlChar*)pw->user);
+ xmlNewChild(node, NULL, (xmlChar*)"user", escaped);
+ xmlFree(escaped);
+
+ escaped = xmlEncodeSpecialChars(root, (xmlChar*)pw->passwd);
+ xmlNewChild(node, NULL, (xmlChar*)"passwd", escaped);
+ xmlFree(escaped);
+
+ escaped = xmlEncodeSpecialChars(root, (xmlChar*)pw->launch);
+ xmlNewChild(node, NULL, (xmlChar*)"launch", escaped);
+ xmlFree(escaped);
}
int
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list