File CVE-2022-27777.patch of Package rubygem-actionview-4_2.26221

Index: actionview-4.2.9/lib/action_view/helpers/tag_helper.rb
===================================================================
--- actionview-4.2.9.orig/lib/action_view/helpers/tag_helper.rb
+++ actionview-4.2.9/lib/action_view/helpers/tag_helper.rb
@@ -142,7 +142,12 @@ module ActionView
 
         def content_tag_string(name, content, options, escape = true)
           tag_options = tag_options(options, escape) if options
-          content     = ERB::Util.unwrapped_html_escape(content) if escape
+
+          if escape
+            name = ERB::Util.xml_name_escape(name)
+            content = ERB::Util.unwrapped_html_escape(content)
+          end
+
           "<#{name}#{tag_options}>#{PRE_CONTENT_STRINGS[name.to_sym]}#{content}</#{name}>".html_safe
         end
 
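Review bot: `ERB::Util.xml_name_escape`, called on the new line inside `if escape`, is not defined by this patch — upstream it lives in ActiveSupport's `core_ext/erb/util`, so this actionview backport depends on the matching activesupport change being installed, and if the two packages are updated independently `content_tag` with the default `escape = true` raises NoMethodError. A one-line comment at the new `if escape` would make that coupling visible: `# xml_name_escape is provided by ActiveSupport's ERB::Util core_ext (same CVE backport); the tag name is only sanitized when escape is true`. Note that with `escape = false` the name is still interpolated verbatim into `<#{name}#{tag_options}>`, which is the existing contract for unescaped callers rather than something this hunk changes.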
@@ -176,11 +181,14 @@ module ActionView
         end
 
         def tag_option(key, value, escape)
+          key = ERB::Util.xml_name_escape(key) if escape
+
           if value.is_a?(Array)
             value = escape ? safe_join(value, " ") : value.join(" ")
           else
             value = escape ? ERB::Util.unwrapped_html_escape(value) : value.to_s
           end
+          name = ERB::Util.xml_name_escape(name) if escape
           %(#{key}="#{value.gsub('"'.freeze, '&quot;'.freeze)}")
         end
     end
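Review bot: The added line `name = ERB::Util.xml_name_escape(name) if escape` just before the `%(...)` interpolation assigns a local `name` that `tag_option(key, value, escape)` never declares or reads: the right-hand side sees the not-yet-assigned local as nil and the result is discarded, so it is dead code at best and a nil call into the escape helper at worst, depending on how the backported `xml_name_escape` handles nil (its definition is outside this patch). The attribute key is already escaped by the first added line `key = ERB::Util.xml_name_escape(key) if escape`, which is the intended fix for this method, so the stray line should simply be removed. Deleting it leaves `%(#{key}="#{value.gsub('"'.freeze, '&quot;'.freeze)}")` as the method's last expression, unchanged.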