diff options
Diffstat (limited to 'patches/libcgi-1.0/0202-fix-unescape-by-optimizing-hextable-init-and-access.patch')
-rw-r--r-- | patches/libcgi-1.0/0202-fix-unescape-by-optimizing-hextable-init-and-access.patch | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/patches/libcgi-1.0/0202-fix-unescape-by-optimizing-hextable-init-and-access.patch b/patches/libcgi-1.0/0202-fix-unescape-by-optimizing-hextable-init-and-access.patch new file mode 100644 index 000000000..f7c1c404e --- /dev/null +++ b/patches/libcgi-1.0/0202-fix-unescape-by-optimizing-hextable-init-and-access.patch @@ -0,0 +1,93 @@ +From: Alexander Dahl <post@lespocky.de> +Date: Tue, 18 Mar 2014 11:28:49 +0100 +Subject: [PATCH] fix unescape by optimizing hextable init and access + +int size is reduced to 1 byte, table length is truncated to only +accessed bytes, and access is limited to only the hex digit characters +by replacing isalnum() with isxdigit() in cgi_unescape_special_chars(). +This actually fixes a bug in decoding if one of the hex digits after the +'%' was another character than a to f! +--- + src/cgi.c | 55 ++++++++++++++++++++++++++++--------------------------- + 1 file changed, 28 insertions(+), 27 deletions(-) + +diff --git a/src/cgi.c b/src/cgi.c +index 99563ad..5d9ffc0 100644 +--- a/src/cgi.c ++++ b/src/cgi.c +@@ -27,9 +27,7 @@ + #include "cgi.h" + #include "error.h" + +-// Whow... if hextable array has a length less than 256, +-// the cgi_unescape_special_chars function will fail. And I don't know why +-static int hextable[256]; ++static unsigned char hextable['f'+1]; + + int headers_initialized = 0; + +@@ -326,29 +324,32 @@ void cgi_redirect(char *url) + // Original idea from cgic library + void init_hex_table() + { +- memset(hextable, 0, 255); +- +- hextable['1'] = 1; +- hextable['2'] = 2; +- hextable['3'] = 3; +- hextable['4'] = 4; +- hextable['5'] = 5; +- hextable['6'] = 6; +- hextable['7'] = 7; +- hextable['8'] = 8; +- hextable['9'] = 9; +- hextable['a'] = 10; +- hextable['b'] = 11; +- hextable['c'] = 12; +- hextable['d'] = 13; +- hextable['e'] = 14; +- hextable['f'] = 15; +- hextable['A'] = 10; +- hextable['B'] = 11; +- hextable['C'] = 12; +- hextable['D'] = 13; +- hextable['E'] = 14; +- hextable['F'] = 15; ++ memset(hextable, 0, 'f'+1); ++ ++ hextable['0'] = 0x0; /* 48 */ ++ hextable['1'] = 0x1; /* 49 */ ++ hextable['2'] = 0x2; /* 50 */ ++ hextable['3'] = 0x3; /* 51 */ ++ hextable['4'] = 0x4; /* 52 */ ++ hextable['5'] = 0x5; /* 53 */ ++ hextable['6'] = 0x6; /* 54 */ ++ hextable['7'] = 0x7; /* 55 */ ++ hextable['8'] = 0x8; /* 56 */ ++ hextable['9'] = 0x9; /* 57 */ ++ ++ hextable['A'] = 0xA; /* 65 */ ++ hextable['B'] = 0xB; /* 66 */ ++ hextable['C'] = 0xC; /* 67 */ ++ hextable['D'] = 0xD; /* 68 */ ++ hextable['E'] = 0xE; /* 69 */ ++ hextable['F'] = 0xF; /* 70 */ ++ ++ hextable['a'] = 0xa; /* 97 */ ++ hextable['b'] = 0xb; /* 98 */ ++ hextable['c'] = 0xc; /* 99 */ ++ hextable['d'] = 0xd; /* 100 */ ++ hextable['e'] = 0xe; /* 101 */ ++ hextable['f'] = 0xf; /* 102 */ + } + + /** +@@ -411,7 +412,7 @@ char *cgi_unescape_special_chars(char *str) + // hexa code. Converting a hexadecimal code to their decimal is easy: + // The first character needs to be multiplied by 16 ( << 4 ), and the another + // one we just get the value from hextable variable +- if ((str[i] == '%') && isalnum(str[i+1]) && isalnum(str[i+2])) { ++ if ((str[i] == '%') && isxdigit(str[i+1]) && isxdigit(str[i+2])) { + tmp[pos] = (hextable[(unsigned char) str[i+1]] << 4) + hextable[(unsigned char) str[i+2]]; + i += 2; + } |