From 4d46d3e5cffc85744ffdcb25544a337efaa0f8da Mon Sep 17 00:00:00 2001
From: Timo Sirainen
Date: Thu, 6 Aug 2020 14:10:50 +0300
Subject: [PATCH] auth: Escape exported session ID string in protocol replies

Session ID is normally coming only from trusted sources, so the lack of escaping shouldn't have mattered too much.
---
 src/auth/auth-request-fields.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/auth/auth-request-fields.c b/src/auth/auth-request-fields.c
index a35347b10e..182a40ce74 100644
--- a/src/auth/auth-request-fields.c
+++ b/src/auth/auth-request-fields.c
@@ -94,8 +94,10 @@ void auth_request_export(struct auth_request *request, string_t *dest)
 str_append(dest, "\tlocal_name=");
 str_append_tabescaped(dest, fields->local_name);
 }
- if (fields->session_id != NULL)
- str_printfa(dest, "\tsession=%s", fields->session_id);
+ if (fields->session_id != NULL) {
+ str_append(dest, "\tsession=");
+ str_append_tabescaped(dest, fields->session_id);
+ }
 if (event_want_debug(request->event))
 str_append(dest, "\tdebug");
 switch (fields->secured) {
--
2.47.3
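Review bot: The new `session=` branch carries no comment stating the invariant it restores: every value written into this tab-delimited reply has to go through `str_append_tabescaped()`, so that a tab or line feed inside a value cannot be parsed by the receiver as an additional field. I would add `/* fields are TAB-delimited on the wire: tab-escape every value, never "%s" */` above the `if (fields->session_id != NULL) {` line. auth_request_export() starts and ends outside the hunk, so it is not visible whether other fields are still appended with `str_printfa(dest, "\t...=%s", ...)`; they are worth checking in the same pass, because the commit message's "normally trusted" assumption may not hold for every field. A unit test that exports a session ID containing a tab and a line feed and checks the escaped output would keep this from regressing.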