Fresh IDE . Check-in [a3caaf7ad8]
Overview
Comment:Fixed XSS bugs in bbcode.asm and minimag.asm libraries.
SHA1:a3caaf7ad85033489e668b5bfa37185b013cfa2e
User & Date: johnfound 2023-03-13 12:12:37
Context
2023-03-13
12:12
Fixed XSS bugs in bbcode.asm and minimag.asm libraries. Leaf check-in: a3caaf7ad8 user: johnfound tags: FreshLibDev
2023-01-11
20:35
StrExtractMem implemented in strlib, because StrExtract uses StrLen on the source, which can be very slow on big arrays of char.

Some work on the Linux X structures and code. check-in: 38ab02c795 user: johnfound tags: FreshLibDev

Changes

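--- a/freshlib/data/bbcode.asm
+++ b/freshlib/data/bbcode.asm
@@ -600,15 +600,15 @@
         je      .process_attribute
 
         test    [eax+TOneTag.flags], fEmptyAttr         ; if the tag allows empty attribute, simply copy
         jnz     .copy                                   ; the tag suffix without trying to replace the attribute.
 
 ; here copy and encode the attribute value:
 .process_attribute:
-        inc     ebx
+;        inc     ebx
 
         push    esi ecx [edx+TText.GapBegin]
 
         lea     esi, [edi-1]
 
         mov     [.tagMix], '<u >'
 
@@ -691,24 +691,21 @@
         inc     [edx+TText.GapBegin]
         inc     ebx
         inc     esi
         jmp     .attr_loop
 
 
 .end_of_attr1:
-
         inc     esi     ; delete "]"
-        dec     ebx
 
         add     esi, [edx+TText.GapEnd]
         sub     esi, [edx+TText.GapBegin]
         mov     [edx+TText.GapEnd], esi
 
 .end_of_attr2:
-
         cmp     [.tagMix], '</u>'
         jne     .mix_closed
 
         stdcall TextSetGapSize, edx, 4
         mov     edi, [edx+TText.GapBegin]
         pushd   [.tagMix]
         popd    [edx+edi]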
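Review bot: The `inc ebx` at `.process_attribute` is left behind as commented-out code and its counterpart `dec ebx` at `.end_of_attr1` is deleted, but nothing says what ebx tracks or why the old pre-increment was wrong. Because this is the XSS fix, the dead line should give way to a comment stating the invariant, for example `; ebx is advanced only in .attr_loop; do not pre-increment here` (wording for the author to confirm). From the visible lines the old inc/dec pair only cancelled out on the path through `.end_of_attr1`, so presumably a path that reaches `.end_of_attr2` directly left ebx one too high. That path, and the start and end of the routine, are outside this section, so this should be confirmed. A regression test that checks the attribute value is still fully encoded on that path would pin the fix down.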

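--- a/freshlib/data/minimag.asm
+++ b/freshlib/data/minimag.asm
@@ -131,19 +131,19 @@
         lea     edi, [ecx+1]  ; the start of the label.
         xor     esi, esi
         xor     eax, eax
 
 .hash_loop:
         inc     ecx
         cmp     ecx, [edx+TText.Length]
-        jae     .second_pass
+        jae     .end_of_lbl ;.second_pass
 
         mov     al, [edx+ecx]
         test    al, al
-        jz      .second_pass
+        jz      .end_of_lbl ;.second_pass
 
         cmp     al, ']'
         je      .end_of_lbl
 
         test    al, al
         js      .add_hash
 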
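Review bot: Both changed branches now send an unterminated label to `.end_of_lbl`, the same path a closing `]` takes, so that path can run with ecx equal to `TText.Length` or pointing at a NUL byte instead of at `]`. `.end_of_lbl` is outside this hunk; if it reads `[edx+ecx]` again or steps over the terminator, it needs to be checked against the ecx == Length case so it neither reads nor advances past the end of the text. The old target kept as a trailing `;.second_pass` comment does not explain the change. I would write the reason instead, e.g. `jae .end_of_lbl ; unterminated label: treat end of text as the closing "]"`, and the same on the `jz` line.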