diff options
author | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2012-05-03 17:19:18 +0000 |
---|---|---|
committer | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2012-05-03 17:19:18 +0000 |
commit | f978449dac910d3379e44ea438198c8f29df8008 (patch) | |
tree | 46b1359d5041652550fecbc06438cd2c8b67aec5 /uhttpd.c | |
parent | 0fcbf2d4eae475903f40fd94223671744d75109e (diff) | |
download | uhttpd-f978449dac910d3379e44ea438198c8f29df8008.tar.gz |
Fixed: [PATCH 2/3] uhttpd URL-codec enhancements.
My apologies, the 2nd of those patches had a syntax error -- that's what
I get for making a last-minute edit, even to the comments, without
testing! :-p
Here is the corrected patch.
-- David
From d259cff104d2084455476b82e92a3a27524f4263 Mon Sep 17 00:00:00 2001
From: David Favro <openwrt@meta-dynamic.com>
Date: Fri, 27 Apr 2012 14:17:52 -0400
Subject: [PATCH] uhttpd URL-codec enhancements.
* uh_urlencode() and uh_urldecode() now return an error condition for
buffer-overflow and malformed-encoding rather than normal return with corrupt
or truncated data. As HTTP request processing is currently implemented, this
causes a 404 HTTP status returned to the client, while 400 is more
appropriate.
* Exposed urlencode() to Lua.
* Lua's uhttpd.urlencode() and .urldecode() now raise an error condition for
buffer-overflow and malformed-encoding rather than normal return with
incorrect data.
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/package/uhttpd/src@31570 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'uhttpd.c')
-rw-r--r-- | uhttpd.c | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -948,9 +948,10 @@ int main (int argc, char **argv) for (opt = 0; optarg[opt]; opt++) if (optarg[opt] == '+') optarg[opt] = ' '; - - memset(port, 0, strlen(optarg)+1); - uh_urldecode(port, strlen(optarg), optarg, strlen(optarg)); + /* opt now contains strlen(optarg) -- no need to re-scan */ + memset(port, 0, opt+1); + if (uh_urldecode(port, opt, optarg, opt) < 0) + fprintf( stderr, "uhttpd: invalid encoding\n" ); printf("%s", port); free(port); |