From c2d4a90639afb2403979aa91ba75cb332ae16d1b Mon Sep 17 00:00:00 2001 From: Jamie Cameron Date: Mon, 12 Jun 2017 14:12:39 -0700 Subject: [PATCH] escape some params --- acl/save_user.cgi | 4 ++-- software/file_info.cgi | 3 ++- software/search.cgi | 3 ++- webmin/change_referers.cgi | 3 ++- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/acl/save_user.cgi b/acl/save_user.cgi index 49f9e1716..6fecf776e 100755 --- a/acl/save_user.cgi +++ b/acl/save_user.cgi @@ -52,11 +52,11 @@ else { # Validate username, and check for a clash $in{'name'} =~ /^[A-z0-9\-\_\.\@]+$/ && $in{'name'} !~ /^\@/ || - &error(&text('save_ename', $in{'name'})); + &error(&text('save_ename', &html_escape($in{'name'}))); $in{'name'} eq 'webmin' && &error($text{'save_enamewebmin'}); if (!$in{'old'} || $in{'old'} ne $in{'name'}) { my $clash = &get_user($in{'name'}); - $clash && &error(&text('save_edup', $in{'name'})); + $clash && &error(&text('save_edup', &html_escape($in{'name'}))); } !$access{'logouttime'} || $in{'logouttime_def'} || $in{'logouttime'} =~ /^\d+$/ || &error($text{'save_elogouttime'}); diff --git a/software/file_info.cgi b/software/file_info.cgi index 13d0fb16d..4ba14aa92 100755 --- a/software/file_info.cgi +++ b/software/file_info.cgi @@ -20,7 +20,8 @@ else { } if (!%file) { - print "",&text('file_notfound', "$f"),"
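Review bot: The username check that both escaped error calls guard still uses the class `[A-z0-9\-\_\.\@]`, and the `A-z` range also admits `[`, `\`, `]`, `^` and the backtick character, so a name containing a backslash or backtick passes validation and goes on to get_user() and whatever the rest of the else branch does with it past the hunk. Escaping the name in the failure message is correct, but the stronger fix is the context line itself: `$in{'name'} =~ /^[A-Za-z0-9\-\_\.\@]+\z/ && $in{'name'} !~ /^\@/ ||`, using `\z` because `$` also tolerates a trailing newline. The enclosing else block starts and ends outside the hunk, so how an accepted name is used afterwards is not visible here.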

\n"; + print "",&text('file_notfound', + "".&html_escape($f).""),"

\n"; } else { # display file info diff --git a/software/search.cgi b/software/search.cgi index 862a3c004..b267aa704 100755 --- a/software/search.cgi +++ b/software/search.cgi @@ -34,7 +34,8 @@ if (@match == 1 && $in{'goto'}) { if (@match) { @match = sort { lc($packages{$a,'name'}) cmp lc($packages{$b,'name'}) } @match; - print "",&text('search_match', "$s"),"
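Review bot: `$f` is assigned before the hunk, so whether it comes straight from `%in` is not visible; since the not-found message reflects it back to the browser, escaping it is right, and a one-line comment above the print, `# $f is user-supplied; escape before echoing it in the not-found message`, would record why the escape is there. The `else` branch that displays `%file` begins at the end of the hunk and continues outside it; if any of those fields derive from the request rather than the package database they should get the same `&html_escape` treatment, which this hunk does not show.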

\n"; + print "",&text('search_match', + "".&html_escape($s).""),"

\n"; print &ui_form_start("delete_packs.cgi", "post"); print &ui_hidden("search", $in{'search'}); @tds = ( "width=5" ); diff --git a/webmin/change_referers.cgi b/webmin/change_referers.cgi index ed7130cfb..34a3b3c2a 100755 --- a/webmin/change_referers.cgi +++ b/webmin/change_referers.cgi @@ -10,7 +10,8 @@ require './webmin-lib.pl'; $gconfig{'referer'} = $in{'referer'}; @refs = split(/\s+/, $in{'referers'}); foreach my $r (@refs) { - $r =~ /^[a-z0-9\.\-\_]+$/ || &error(&text('referers_ehost', $r)); + $r =~ /^[a-z0-9\.\-\_]+$/ || + &error(&text('referers_ehost', &html_escape($r))); } $gconfig{'referers'} = join(" ", @refs); $gconfig{'referers_none'} = int(!$in{'referers_none'});
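Review bot: Two lines below the escaped heading, `print &ui_hidden("search", $in{'search'});` writes the same user-controlled search term into a hidden form field, and nothing in the hunk shows ui_hidden() escaping attribute values, so the escape added to the heading may not cover the second sink. Check ui_hidden in the UI library; if it does not escape its value, change the line to `print &ui_hidden("search", &html_escape($in{'search'}));`, and if it does, a short comment such as `# ui_hidden escapes its value` would save the next reader the same check. How `$s` relates to `$in{'search'}` is set before the hunk, so whether they are the same string is not visible. The enclosing `if (@match)` block continues past the hunk.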
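Review bot: `$gconfig{'referer'} = $in{'referer'};` on the first line of the hunk stores the raw form value, while `$gconfig{'referers_none'}` at the bottom is normalised with `int(...)`; if `referer` is likewise a boolean flag, as its sibling suggests, the same treatment, `$gconfig{'referer'} = int($in{'referer'});`, keeps arbitrary strings out of the config file. Separately, the host check `/^[a-z0-9\.\-\_]+$/` is case-sensitive, so `Example.COM` is rejected although DNS names are case-insensitive; either add `/i` or lower-case each entry with `$r = lc($r);` before the match, if mixed-case input is expected. Escaping `$r` in the error is right since the rejected value is echoed to the browser, and because entries come from `split(/\s+/, ...)` a trailing newline cannot reach the `$` anchor here.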