From 53f0bec0ba79df2cb1bcd5dd063f808aa6387cd5 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Fri, 6 Mar 2020 08:48:07 -0500 Subject: [PATCH] Fix HTML generation in 3.0 This commit applies the same changes as #1481, but to the 3.0 branch. --- testssl.sh | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/testssl.sh b/testssl.sh index 622af0a..9701904 100755 --- a/testssl.sh +++ b/testssl.sh @@ -487,12 +487,12 @@ html_reserved(){ local output "$do_html" || return 0 #sed -e 's/\&/\&/g' -e 's//\>/g' -e 's/"/\"/g' -e "s/'/\'/g" <<< "$1" - output="${1//\&/\&}" - output="${output///\>}" - output="${output//\"/\"}" - output="${output//\'/\'}" - tm_out "$output" + output="${1//&/&}" + output="${output///>}" + output="${output//\"/"}" + output="${output//\'/'}" + printf -- "%s" "$output" return 0 } @@ -507,8 +507,9 @@ safe_echo() { printf -- "%b" "${1//%/%%}"; } tm_out() { printf -- "%b" "${1//%/%%}"; } tmln_out() { printf -- "%b" "${1//%/%%}\n"; } -out() { printf -- "%b" "${1//%/%%}"; html_out "$1"; } -outln() { printf -- "%b" "${1//%/%%}\n"; html_out "$1\n"; } +out() { printf -- "%b" "${1//%/%%}"; html_out "$(html_reserved "$1")"; } +outln() { printf -- "%b" "${1//%/%%}\n"; html_out "$(html_reserved "$1")\n"; } + #TODO: Still no shell injection safe but if just run it from the cmd line: that's fine
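Review bot: In `html_reserved` the entity substitutions run on the raw string, and the result is now emitted with `printf -- "%s"`, so any backslash sequence in `$1` survives the escaping unchanged. In the second hunk, `outln` appends a literal `\n` to that result before calling `html_out`, which suggests `html_out` expands backslash escapes afterwards; its body is outside this patch, so this needs confirming. If it does, an escape sequence that decodes to a reserved character is turned into live markup after the escaping has already run, which matters for any text derived from the scanned server. A safer order is to decode first and escape second, for example `printf -v output -- "%b" "$1"` ahead of the substitutions in `html_reserved`. The HTML writer would then use `%s`, and `outln` would pass a real newline rather than `\n`.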
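Review bot: `out` and `outln` now fork a subshell for `$(html_reserved "$1")` on every call, including runs without HTML output, where `html_reserved` returns at `"$do_html" || return 0` and the substitution is empty. These are the script's main output helpers, so the cost is paid on every line printed. Guarding the call avoids it, e.g. `out() { printf -- "%b" "${1//%/%%}"; if "$do_html"; then html_out "$(html_reserved "$1")"; fi; }`, and the same for `outln`. The guarded form returns 0 when HTML is off; whether that matches `html_out`'s own status cannot be checked from this hunk. Command substitution also drops trailing newline characters from `$1`, so the HTML copy can differ from the terminal output for strings that end in a real newline.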