new method for sanitizing content to be rendered on a web page (specifically,...

new method for sanitizing content to be rendered on a web page (specifically, the routerInfo options can be hacked to contain evil html) thanks for finding and suggesting the fix oOo!

new method for sanitizing content to be rendered on a web page (specifically,...
fbe9fe1b · jrandom · zzz · 007194d6 · fbe9fe1b · fbe9fe1b
Commit fbe9fe1b authored 20 years ago by jrandom Committed by zzz 20 years ago
--- a/core/java/src/net/i2p/data/DataHelper.java
+++ b/core/java/src/net/i2p/data/DataHelper.java
@@ -528,6 +528,16 @@ public class DataHelper {
            return (ms / (24 * 60 * 60 * 1000)) + "d";
        }
    }
+    /**
+     * Strip out any HTML (simply removing any less than / greater than symbols)
+     */
+    public static String stripHTML(String orig) {
+        if (orig == null) return "";
+        String t1 = orig.replace('<', ' ');
+        String rv = t1.replace('>', ' ');
+        return rv;
+    }
    /** compress the data and return a new GZIP compressed array */
    public static byte[] compress(byte orig[]) {

--- a/router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java
+++ b/router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java
@@ -507,8 +507,8 @@ public class KademliaNetworkDatabaseFacade extends NetworkDatabaseFacade {
                    + new Date(routerInfo.getPublished()));
            }
        } else if (routerInfo.getPublished() > start + Router.CLOCK_FUDGE_FACTOR) {
-            if (_log.shouldLog(Log.ERROR))
+            if (_log.shouldLog(Log.WARN))
-                _log.error("Peer " + key.toBase64() + " published their leaseSet in the future?! [" 
+                _log.warn("Peer " + key.toBase64() + " published their leaseSet in the future?! [" 
                          + new Date(routerInfo.getPublished()) + "]");
            return null;
        }
@@ -721,8 +721,8 @@ public class KademliaNetworkDatabaseFacade extends NetworkDatabaseFacade {
                for (Iterator routerIter = routerVersions.keySet().iterator(); routerIter.hasNext(); ) {
                    String routerVersion = (String)routerIter.next();
                    Integer num = (Integer)routerVersions.get(routerVersion);
-                    buf.append("<tr><td>").append(coreVersion);
+                    buf.append("<tr><td>").append(DataHelper.stripHTML(coreVersion));
-                    buf.append("</td><td>").append(routerVersion);
+                    buf.append("</td><td>").append(DataHelper.stripHTML(routerVersion));
                    buf.append("</td><td>").append(num.intValue()).append("</td></tr>\n");
                }
            }
@@ -752,7 +752,7 @@ public class KademliaNetworkDatabaseFacade extends NetworkDatabaseFacade {
            for (Iterator optIter = addr.getOptions().keySet().iterator(); optIter.hasNext(); ) {
                String name = (String)optIter.next();
                String val = addr.getOptions().getProperty(name);
-                buf.append('[').append(name).append('=').append(val).append("] ");
+                buf.append('[').append(DataHelper.stripHTML(name)).append('=').append(DataHelper.stripHTML(val)).append("] ");
            }
        }
        buf.append("</i><br />\n");
@@ -760,7 +760,7 @@ public class KademliaNetworkDatabaseFacade extends NetworkDatabaseFacade {
        for (Iterator iter = info.getOptions().keySet().iterator(); iter.hasNext(); ) {
            String key = (String)iter.next();
            String val = info.getOptions().getProperty(key);
-            buf.append(key).append(" = ").append(val).append("<br />\n");
+            buf.append(DataHelper.stripHTML(key)).append(" = ").append(DataHelper.stripHTML(val)).append("<br />\n");
        }
        buf.append("</code></i><hr />\n");
    }