Debian Bug report logs - #65151
lynx-ssl: <> in javascript causes premature </script>

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: bglbv@my-deja.com

To: submit@bugs.debian.org

Subject: lynx-ssl: <> in javascript causes premature </script>

Date: 3 Jun 2000 00:53:28 -0000

Package: lynx-ssl
Version: 2.8.3.1-1
Severity: normal

(Probably affects plain lynx as well. w3m is OK. May require upstream fix.)

The following HTML document illustrates the problem:

<html>
<head>
<title>Leaky comments</title>
<script type="text/javascript">
<!--
var x = '<>';
//-->
</script>
</head>
<body>
Did you see that piece of JavaScript?
</body>
</html>

$ lynx -dump script.html

   '; //--> Did you see that piece of JavaScript?

It isn't just the >, as the HTML 4.01 standard suggests might be the case
with some browsers; I tried '< >' and '><', neither of which exhibits the
problem.

-- System Information
Debian Release: 2.2

Versions of the packages lynx-ssl depends on:
ii  debconf        0.2.80.15      Debian configuration management system
ii  libc6          2.1.3-10       GNU C Library: Shared libraries and Timezone
ii  libssl09       0.9.4-5        SSL shared libraries
ii  slang1         1.3.9-1        The S-Lang programming library - runtime ver
ii  zlib1g         1.1.3-5        compression library - runtime
	^^^ (Provides virtual package libz1)

Message #10 received at 65151-maintonly@bugs.debian.org (full text, mbox, reply):

From: "H. Nanosecond" <aldomel@ix.netcom.com>

To: bglbv@my-deja.com

Cc: 65151-maintonly@bugs.debian.org

Subject: Re: lynx-ssl: <> in javascript causes premature </script>

Date: Tue, 6 Jun 2000 23:12:32 -0400 (EDT)

I checked on http://www.htmlhelp.com/tools/validator/
and it is valid HTML.

The problem is that lynx uses an old version of the libwww library from W3C.

Message #17 received at 65151@bugs.debian.org (full text, mbox, reply):

From: Klaus Weide <kweide@enteract.com>

To: 65151@bugs.debian.org

Subject: patch for <> in <SCRIPT> contents - Debian bug #65151 (fwd)

Date: Sun, 9 Jul 2000 15:35:44 -0500 (CDT)

---------- Forwarded message ----------
Date: Sun, 9 Jul 2000 15:34:43 -0500 (CDT)
From: Klaus Weide <kweide@enteract.com>
To: lynx-dev@sig.net
Subject: patch for <> in <SCRIPT> contents - Debian bug #65151

See <http://cgi.debian.org/cgi-bin/bugreport.cgi?bug=65151>.
This appears to fix it.  The coulde should not have used
string->size-2 as an index without checking that it is valid
anyway.

Note: line numbers are off, expect 'patch' to report a big offset.

   Klaus


--- older/WWW/Library/Implementation/SGML.c	Tue May 23 01:29:41 2000
+++ WWW/Library/Implementation/SGML.c	Wed Jun 21 16:14:29 2000
@@ -2278,7 +2278,8 @@
 	    /*
 	    **	If complete match, end litteral.
 	    */
-	    if ((c == '>') && testtag && !testtag->name[string->size-2]) {
+	    if ((c == '>') && testtag &&
+		string->size > 1 && !testtag->name[string->size-2]) {
 #ifdef USE_PRETTYSRC
 		if (psrc_view) {
 		    PSRCSTART(abracket);PUTC('<');PUTC('/');PSRCSTOP(abracket);

Message #22 received at 65151@bugs.debian.org (full text, mbox, reply):

From: Josip Rodin <joy@cibalia.gkvk.hr>

To: 65151@bugs.debian.org

Subject: fix for this is upstream

Date: Fri, 29 Dec 2000 19:10:58 +0100

Hi,

Klaus Weide's patch is in lynx 2.8.4dev.5, this is the changelog entry:

* fix Debian bug #65151:  "<> in javascript causes premature </script>"
  (reported by H Nanosecond <aldomel@ix.netcom.com>) -KW

-- 
Digital Electronic Being Intended for Assassination and Nullification

Message #27 received at 65151-close@bugs.debian.org (full text, mbox, reply):

From: Adrian Bunk <bunk@fs.tum.de>

To: 65151-close@bugs.debian.org

Subject: Bug#65151: fixed in lynx 2.8.4-1

Date: Sun, 19 Aug 2001 14:59:31 -0400

We believe that the bug you reported is fixed in the latest version of
lynx, which has been installed in the Debian FTP archive:

lynx_2.8.4-1.dsc
  to pool/main/l/lynx/lynx_2.8.4-1.dsc
lynx_2.8.4-1_i386.deb
  to pool/main/l/lynx/lynx_2.8.4-1_i386.deb
lynx_2.8.4-1.diff.gz
  to pool/main/l/lynx/lynx_2.8.4-1.diff.gz
lynx_2.8.4.orig.tar.gz
  to pool/main/l/lynx/lynx_2.8.4.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 65151@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk <bunk@fs.tum.de> (supplier of updated lynx package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 18 Aug 2001 16:22:26 +0200
Source: lynx
Binary: lynx
Architecture: source i386
Version: 2.8.4-1
Distribution: unstable
Urgency: high
Maintainer: Adrian Bunk <bunk@fs.tum.de>
Changed-By: Adrian Bunk <bunk@fs.tum.de>
Description: 
 lynx       - Text-mode WWW Browser
Closes: 21096 25968 40482 42859 45803 56639 63638 63641 65151 68542 80496 83249 83784 94604 105559
Changes: 
 lynx (2.8.4-1) unstable; urgency=high
 .
   * New maintainer.
   * New upstream release. (closes: #80496)
     This release fixes the following bugs:
     - %s, %t, %{charset} and %{encoding} substitutions for
       mailcap commands are now implemented. (closes: #21096)
     - The "<> in javascript causes premature </script>" problem
       is fixed. (closes: #65151)
     - A problem with the length of form fields is fixed.
       (closes: #68542)
     - The Japanese message catalog is now included.
       (closes: #63641)
     - The CPU-loop seems to be fixed. (closes: #25968)
   * /etc/lynx.cfg is now a conffile. (closes: #40482)
   * The default startfile is now the local helpfile (and there's
     no longer a question in the postinst).
     (closes: #105559, #83249, #83784)
   * Disable USE_MOUSE in the default configuration.
     (closes: #42859)
   * Set GLOBAL_EXTENSION_MAP and PERSONAL_EXTENSION_MAP in the
     default lynx.cfg. (closes: #94604)
   * Compiled with ncurses instead of slang.
   * Compiled with "--enable-warnings".
   * Compiled with "--enable-color-style".
   * Compiled with "--enable-default-colors". (closes: #45803)
   * Compiled with "--enable-file-upload". (closes: #56639)
   * Compiled with "--enable-ipv6".
   * Compiled with "--enable-justify-elts".
   * Compiled with "--enable-nested-tables".
   * Compiled with "--enable-read-eta".
   * Updated debian/copyright. (closes: #63638)
Files: 
 c3c28620d73877b3df1200f13a4ea1a3 607 web standard lynx_2.8.4-1.dsc
 90aa83a34ea7cb912386604e1ca73aa0 2556501 web standard lynx_2.8.4.orig.tar.gz
 daad12f30dd95c29c4deec45e851dcef 10777 web standard lynx_2.8.4-1.diff.gz
 833acf3c33c1cf99677f67cbae2966f7 1447276 web standard lynx_2.8.4-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7f+ulmfzqmE8StAARAgxaAJ4gMb+0/CAYkWzw5fEmuqe4Fu734wCfc4tG
A3dZ2Y1yC0N0vGvNBRO8YsE=
=c01O
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.