From: Ruediger Pluem Date: Tue, 5 Aug 2008 19:00:04 +0000 (+0000) Subject: * Prevent XSS attacks when using wildcards in the path of the FTP URL X-Git-Tag: 2.3.0~396 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=14e37944f999e75071e35681b64c4b7dd293ed9d;p=apache * Prevent XSS attacks when using wildcards in the path of the FTP URL (CVE-2008-2939). Discovered by Marc Bevand of Rapid7. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@682868 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c index e2350f4768..31a9ae3de9 100644 --- a/modules/proxy/mod_proxy_ftp.c +++ b/modules/proxy/mod_proxy_ftp.c @@ -390,6 +390,7 @@ static apr_status_t proxy_send_dir_filter(ap_filter_t *f, c->bucket_alloc)); } if (wildcard != NULL) { + wildcard = ap_escape_html(p, wildcard); APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(wildcard, strlen(wildcard), p, c->bucket_alloc));
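Review bot: In the `if (wildcard != NULL)` block of proxy_send_dir_filter, the added line reassigns `wildcard` itself to the result of `ap_escape_html(p, wildcard)`, so any later read of that variable in the function sees the HTML-escaped string rather than the original pattern from the FTP URL. If `wildcard` is used after this block for anything other than HTML output, keep the raw value and pass the escaped copy through a separate local (for example `const char *escaped = ap_escape_html(p, wildcard);`) to `apr_bucket_pool_create`. A one-line comment saying that the value comes from the request path and is written into the generated directory listing would make the reason for the escape obvious to the next reader. It is also worth confirming that this insertion point is element content and not an attribute value, and that no other string derived from the URL path reaches the brigade in this filter without the same escaping, since the hunk covers only this one output site.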