git.ucc.asn.au
/
matches
/
MCTX3420.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
d3bd5f4
)
Disallow control codes in urldecode
author
Jeremy Tan
<
[email protected]
>
Sun, 27 Oct 2013 07:45:46 +0000
(15:45 +0800)
committer
Jeremy Tan
<
[email protected]
>
Sun, 27 Oct 2013 07:45:46 +0000
(15:45 +0800)
server/fastcgi.c
patch
|
blob
|
history
diff --git
a/server/fastcgi.c
b/server/fastcgi.c
index
94742bd
..
c246781
100644
(file)
--- a/
server/fastcgi.c
+++ b/
server/fastcgi.c
@@
-548,7
+548,7
@@
char *FCGI_EscapeText(char *buf)
char *FCGI_URLDecode(char *buf)
{
char *head = buf, *tail = buf;
- char hex[3] = {0};
+ char
val,
hex[3] = {0};
while (*tail) {
if (*tail == '%') { //%hh hex to char
@@
-556,7
+556,9
@@
char *FCGI_URLDecode(char *buf)
if (isxdigit(*tail) && isxdigit(*(tail+1))) {
hex[0] = *tail++;
hex[1] = *tail++;
- *head++ = (char)strtol(hex, NULL, 16);
+ char val = (char)strtol(hex, NULL, 16);
+ //Control codes --> Space character
+ *head++ = (val < 0x20) ? 0x20 : val;
} else { //Not valid format; keep original
head++;
}
UCC
git Repository :: git.ucc.asn.au