From: Gilles Detillieux <grdetil@scrc.umanitoba.ca>
To: htdig@htdig.org
Subject: [htdig] Patch

Quote the filename before passing it to the command-line to prevent
shell escapes. Fixes PR#542.  Also make error messages more useful.

--- htdig-3.1.2/htdig/ExternalParser.cc.old	Wed Apr 21 21:47:57 1999
+++ htdig-3.1.2/htdig/ExternalParser.cc	Fri Jul 30 15:08:57 1999
@@ -133,8 +133,8 @@ ExternalParser::parse(Retriever &retriev
     // Now start the external parser.
     //
     String	command = currentParser;
-    command << ' ' << path << ' ' << contentType << ' ' << base.get() <<
-	' ' << configFile;
+    command << ' ' << path << ' ' << contentType << " \"" << base.get() <<
+	"\" " << configFile;
 
     FILE	*input = popen(command, "r");
     if (!input)
@@ -170,7 +170,7 @@ ExternalParser::parse(Retriever &retriev
 			(hd = atoi(token3)) >= 0 && hd < 12)
 		  retriever.got_word(token1, loc, hd);
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 		
 	    case 'u':	// href
@@ -183,7 +183,7 @@ ExternalParser::parse(Retriever &retriev
 		  retriever.got_href(url, token2);
 		}
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 		
 	    case 't':	// title
@@ -191,7 +191,7 @@ ExternalParser::parse(Retriever &retriev
 		if (token1 != NULL)
 		  retriever.got_title(token1);
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 		
 	    case 'h':	// head
@@ -199,7 +199,7 @@ ExternalParser::parse(Retriever &retriev
 		if (token1 != NULL)
 		  retriever.got_head(token1);
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 		
 	    case 'a':	// anchor
@@ -207,7 +207,7 @@ ExternalParser::parse(Retriever &retriev
 		if (token1 != NULL)
 		  retriever.got_anchor(token1);
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 		
 	    case 'i':	// image url
@@ -215,7 +215,7 @@ ExternalParser::parse(Retriever &retriev
 		if (token1 != NULL)
 		  retriever.got_image(token1);
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 
 	    case 'm':	// meta
@@ -329,12 +329,12 @@ ExternalParser::parse(Retriever &retriev
 		  }
 		}
 		else
-		  cerr<< "External parser error in line:"<<line<<"\n";
+		  cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 	      }
 
 	    default:
-		cerr<< "External parser error in line:"<<line<<"\n";
+		cerr<< "External parser error in line:"<<line<<"\n" << " URL: " << base.get() << "\n";
 		break;
 	}
     }