added more entity escaping
parent
a2edcb97df
commit
bf2274c8a4
@ -13,6 +13,9 @@ w/out encoding HTML entities. Reported by Russ McRee.
|
|||||||
10/01/08: Update: HFS support is enabled if TSK was compiled with
|
10/01/08: Update: HFS support is enabled if TSK was compiled with
|
||||||
support for it.
|
support for it.
|
||||||
|
|
||||||
|
10/08/08: Bug Fix: Added some more HTML entity escaping to case management
|
||||||
|
values (such as description). Reported by Daniel Medianero.
|
||||||
|
|
||||||
--------------------------- Version 2.10 --------------------------------
|
--------------------------- Version 2.10 --------------------------------
|
||||||
2/20/08: Bug Fix: Added 'tsk' to the path for sorter to find the 'images'
|
2/20/08: Bug Fix: Added 'tsk' to the path for sorter to find the 'images'
|
||||||
config file. Reported by Russell Reynolds.
|
config file. Reported by Russell Reynolds.
|
||||||
|
@ -326,7 +326,7 @@ sub read_case_config {
|
|||||||
next if ((/^\#/) || (/^\s+$/));
|
next if ((/^\#/) || (/^\s+$/));
|
||||||
s/^\s+//;
|
s/^\s+//;
|
||||||
s/\s+$//;
|
s/\s+$//;
|
||||||
$Caseman::cvals{$1} = $2 if (/^(\S+)\s+(.*)$/);
|
$Caseman::cvals{$1} = Print::html_encode($2) if (/^(\S+)\s+(.*)$/);
|
||||||
}
|
}
|
||||||
close(CONFIG);
|
close(CONFIG);
|
||||||
|
|
||||||
@ -647,7 +647,7 @@ sub case_open {
|
|||||||
print " CHECKED";
|
print " CHECKED";
|
||||||
$first = 1;
|
$first = 1;
|
||||||
}
|
}
|
||||||
print ">$c</td>";
|
print ">" . Print::html_encode($c) . "</td>";
|
||||||
|
|
||||||
Caseman::read_case_config($c);
|
Caseman::read_case_config($c);
|
||||||
|
|
||||||
@ -720,11 +720,6 @@ sub case_details {
|
|||||||
|
|
||||||
read_case_config();
|
read_case_config();
|
||||||
|
|
||||||
$Caseman::cvals{'desc'} = " "
|
|
||||||
unless (exists $Caseman::cvals{'desc'});
|
|
||||||
$Caseman::cvals{'created'} = " "
|
|
||||||
unless (exists $Caseman::cvals{'created'});
|
|
||||||
|
|
||||||
print "<br><br>"
|
print "<br><br>"
|
||||||
. "<center>"
|
. "<center>"
|
||||||
. "<img src=\"pict/menu_h_cdet.jpg\" alt=\"Case Details\">"
|
. "<img src=\"pict/menu_h_cdet.jpg\" alt=\"Case Details\">"
|
||||||
@ -755,7 +750,9 @@ sub case_details {
|
|||||||
else {
|
else {
|
||||||
print " <tr><td> </td>";
|
print " <tr><td> </td>";
|
||||||
}
|
}
|
||||||
print "<td align=\"left\"><tt>$i</tt></td></tr>\n";
|
print "<td align=\"left\"><tt>"
|
||||||
|
. Print::html_encode($i)
|
||||||
|
. "</tt></td></tr>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
print "</table>\n"
|
print "</table>\n"
|
||||||
@ -1343,14 +1340,14 @@ sub read_host_config {
|
|||||||
|
|
||||||
# desc XYZ
|
# desc XYZ
|
||||||
elsif (/^desc\s+(.*)$/) {
|
elsif (/^desc\s+(.*)$/) {
|
||||||
$Caseman::host_desc = "$1";
|
$Caseman::host_desc = Print::html_encode($1);
|
||||||
}
|
}
|
||||||
|
|
||||||
# hash databases
|
# hash databases
|
||||||
elsif (/^alert_db\s+'(.*)'$/) {
|
elsif (/^alert_db\s+'($::REG_HASHDB)'$/) {
|
||||||
$Caseman::alert_db = "$1";
|
$Caseman::alert_db = "$1";
|
||||||
}
|
}
|
||||||
elsif (/^exclude_db\s+'(.*)'$/) {
|
elsif (/^exclude_db\s+'($::REG_HASHDB)'$/) {
|
||||||
$Caseman::exclude_db = "$1";
|
$Caseman::exclude_db = "$1";
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -1883,7 +1880,7 @@ sub host_open {
|
|||||||
print " CHECKED";
|
print " CHECKED";
|
||||||
$first = 1;
|
$first = 1;
|
||||||
}
|
}
|
||||||
print "> $h </td>";
|
print "> " . Print::html_encode($h) . " </td>";
|
||||||
|
|
||||||
my $fname = Caseman::host_config_fname($h);
|
my $fname = Caseman::host_config_fname($h);
|
||||||
open CONFIG, "<$fname"
|
open CONFIG, "<$fname"
|
||||||
@ -1895,7 +1892,7 @@ sub host_open {
|
|||||||
s/\s+$//;
|
s/\s+$//;
|
||||||
|
|
||||||
if (/^desc\s+(.*)$/) {
|
if (/^desc\s+(.*)$/) {
|
||||||
$desc = $1;
|
$desc = Print::html_encode($1);
|
||||||
last;
|
last;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1927,7 +1924,7 @@ sub host_open {
|
|||||||
foreach my $i (@invs) {
|
foreach my $i (@invs) {
|
||||||
print "<option value=\"$i\"";
|
print "<option value=\"$i\"";
|
||||||
print " selected" if ($cur_inv eq $i);
|
print " selected" if ($cur_inv eq $i);
|
||||||
print ">$i</option>\n";
|
print ">" . Print::html_encode($i) . "</option>\n";
|
||||||
}
|
}
|
||||||
print "</select>\n";
|
print "</select>\n";
|
||||||
}
|
}
|
||||||
@ -2061,21 +2058,27 @@ sub host_details {
|
|||||||
|
|
||||||
# Actual Directory
|
# Actual Directory
|
||||||
"<tr><td align=\"right\"><b>Directory:</b></td>"
|
"<tr><td align=\"right\"><b>Directory:</b></td>"
|
||||||
. "<td align=\"left\"><tt>$::host_dir</tt></td></tr>\n"
|
. "<td align=\"left\"><tt>"
|
||||||
|
. Print::html_encode($::host_dir)
|
||||||
|
. "</tt></td></tr>\n"
|
||||||
. "<tr><td colspan=2> </td></tr>\n"
|
. "<tr><td colspan=2> </td></tr>\n"
|
||||||
.
|
.
|
||||||
|
|
||||||
# Alert Database
|
# Alert Database
|
||||||
"<tr><td align=\"right\"><b>Alert Hash Database:</b></td>"
|
"<tr><td align=\"right\"><b>Alert Hash Database:</b></td>"
|
||||||
. "<td align=\"left\"><tt>"
|
. "<td align=\"left\"><tt>"
|
||||||
. (($Caseman::alert_db ne "") ? $Caseman::alert_db : " ")
|
. (($Caseman::alert_db ne "")
|
||||||
|
? Print::html_encode($Caseman::alert_db)
|
||||||
|
: " ")
|
||||||
. "</tt></td></tr>\n"
|
. "</tt></td></tr>\n"
|
||||||
.
|
.
|
||||||
|
|
||||||
# Exclude Database
|
# Exclude Database
|
||||||
"<tr><td align=\"right\"><b>Exclude Hash Database:</b></td>"
|
"<tr><td align=\"right\"><b>Exclude Hash Database:</b></td>"
|
||||||
. "<td align=\"left\"><tt>"
|
. "<td align=\"left\"><tt>"
|
||||||
. (($Caseman::exclude_db ne "") ? $Caseman::exclude_db : " ")
|
. (($Caseman::exclude_db ne "")
|
||||||
|
? Print::html_encode($Caseman::exclude_db)
|
||||||
|
: " ")
|
||||||
. "</tt></td></tr>\n"
|
. "</tt></td></tr>\n"
|
||||||
. "</table>\n";
|
. "</table>\n";
|
||||||
|
|
||||||
@ -2229,7 +2232,10 @@ sub vol_open {
|
|||||||
$mnt[$i] = $1 if ($mnt[$i] =~ /^\d(.*?)--AUTOPSY--$::REG_VNAME$/o);
|
$mnt[$i] = $1 if ($mnt[$i] =~ /^\d(.*?)--AUTOPSY--$::REG_VNAME$/o);
|
||||||
print "<tr>" . "<td><input type=\"radio\" name=\"vol\" value=$vol";
|
print "<tr>" . "<td><input type=\"radio\" name=\"vol\" value=$vol";
|
||||||
print " CHECKED" if ($i == 0);
|
print " CHECKED" if ($i == 0);
|
||||||
print "></td>" . "<td><tt>$mnt[$i]</tt></td>";
|
print "></td>"
|
||||||
|
. "<td><tt>"
|
||||||
|
. Print::html_encode($mnt[$i])
|
||||||
|
. "</tt></td>";
|
||||||
|
|
||||||
# image name and ftype
|
# image name and ftype
|
||||||
print
|
print
|
||||||
@ -2253,8 +2259,11 @@ sub vol_open {
|
|||||||
"<tr><td> </td><td> </td><td>(<input type=\"radio\" name=\"vol\" "
|
"<tr><td> </td><td> </td><td>(<input type=\"radio\" name=\"vol\" "
|
||||||
. "value=$sort[$i]";
|
. "value=$sort[$i]";
|
||||||
print " CHECKED" if ($#mnt == 0);
|
print " CHECKED" if ($#mnt == 0);
|
||||||
print
|
print "> unalloc)</td><td><tt>"
|
||||||
"> unalloc)</td><td><tt>$Caseman::vol2sname{$sort[$i]}</tt></td><td>$Caseman::vol2ftype{$sort[$i]}</td></tr>\n";
|
. Print::html_encode($Caseman::vol2sname{$sort[$i]})
|
||||||
|
. "</tt></td><td>"
|
||||||
|
. Print::html_encode($Caseman::vol2ftype{$sort[$i]})
|
||||||
|
. "</td></tr>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
# Begin Button
|
# Begin Button
|
||||||
|
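Review bot: In the `host_open` hunk at -1927 the investigator name is now encoded in the option text, but the same `$i` is still interpolated raw into the attribute one line earlier, `print "<option value=\"$i\"";`. The encoding should cover that sink as well, for example `print "<option value=\"" . Print::html_encode($i) . "\"";`, provided `Print::html_encode` also escapes double quotes, which is not visible on this page. Both `vol_open` hunks leave the same gap with `value=$vol` and `value=$sort[$i]`, which are also unquoted; quoting and encoding them would be safer unless those names are already restricted by a pattern such as `$::REG_VNAME` before they reach this code. Separately, `read_case_config`, `read_host_config` and the `desc` line in `host_open` encode when the value is read, while the other hunks encode when it is printed, so a short comment at each read-time site saying the stored value is already HTML-encoded would help prevent double encoding later. The bodies of these subs continue outside the hunks shown.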