From 4305a8931cbb817f8e2690aff03fc78460c878e1 Mon Sep 17 00:00:00 2001
From: "uwe.tews@googlemail.com"
Date: Tue, 11 Sep 2012 16:23:30 +0000
Subject: [PATCH] - bugfix escape Smarty exception messages to avoid possible script execution
---
 change_log.txt | 3 +++
 libs/Smarty.class.php | 11 +++++++----
 2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/change_log.txt b/change_log.txt
index 9ba321aa..0bb03e1b 100644
--- a/change_log.txt
+++ b/change_log.txt
@@ -1,4 +1,7 @@
 ===== trunk =====
+11.09.2012
+- bugfix escape Smarty exception messages to avoid possible script execution
+
 10.09.2012
 - bugfix tag option flags and shorttag attributes did not work when rdel started with '=' (Forum Topic 22979)
diff --git a/libs/Smarty.class.php b/libs/Smarty.class.php
index 3c5e806e..54649927 100644
--- a/libs/Smarty.class.php
+++ b/libs/Smarty.class.php
@@ -189,12 +189,12 @@ class Smarty extends Smarty_Internal_TemplateBase {
 * Flag denoting if PCRE should run in UTF-8 mode
 */
 public static $_UTF8_MODIFIER = 'u';
-
+
 /**
 * Flag denoting if operating system is windows
 */
 public static $_IS_WINDOWS = false;
-
+
 /**#@+
 * variables
 */
@@ -1281,7 +1281,7 @@ class Smarty extends Smarty_Internal_TemplateBase {
 }
 // plugin filename is expected to be: [type].[name].php
 $_plugin_filename = "{$_name_parts[1]}.{$_name_parts[2]}.php";
-
+
 $_stream_resolve_include_path = function_exists('stream_resolve_include_path');
 // loop through plugin dirs and find the plugin
@@ -1302,7 +1302,7 @@ class Smarty extends Smarty_Internal_TemplateBase {
 } else {
 $file = Smarty_Internal_Get_Include_Path::getIncludePath($file);
 }
-
+
 if ($file !== false) {
 require_once($file);
 return $file;
@@ -1481,6 +1481,9 @@ if (Smarty::$_CHARSET !== 'UTF-8') {
 * @package Smarty
 */
 class SmartyException extends Exception {
+ public function __construct($message) {
+ $this->message = htmlentities($message);
+ }
 }
 /**
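Review bot: The new SmartyException constructor in the last hunk calls `htmlentities($message)` with default flags, so single quotes are left unescaped (ENT_COMPAT) and the charset falls back to the PHP-version default (ISO-8859-1 before 5.4) rather than `Smarty::$_CHARSET`, which the hunk header shows the file already branches on; with an invalid byte sequence for that charset htmlentities returns an empty string, silently discarding the message. The override also drops the `$code` and `$previous` arguments of `Exception::__construct` and never calls the parent, so `new SmartyException($msg, $code)` loses its code and `getPrevious()` is always null. A safer shape is `public function __construct($message = '', $code = 0) { parent::__construct(htmlentities($message, ENT_QUOTES, Smarty::$_CHARSET), $code); }`. Escaping at construction time also bakes an HTML context into every consumer: a message written to a log or a CLI now carries entities, and a handler that already escapes `getMessage()` will double-encode, so if this stays it deserves a comment such as `// message is HTML-escaped here; do not escape getMessage() again at output`.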