Enforce RFC 2616 and accept "0" after a backslash for quoted-strings.
Reported by Peng <howtofly(at)gmail.com> (cherry picked from commit c70f5ce323502e04f19e4c126c3235a14a1ce359)
This commit is contained in:
Marcelo Roberto Jimenez
parent
cf8c0d0a93
commit
61d2950fa5
@ -357,6 +357,12 @@ Version 1.8.0
|
|||||||
Version 1.6.19
|
Version 1.6.19
|
||||||
*******************************************************************************
|
*******************************************************************************
|
||||||
|
|
||||||
|
2013-08-13 Marcelo Roberto Jimenez <mroberto(at)users.sourceforge.net>
|
||||||
|
|
||||||
|
Enforce RFC 2616 and accept "0" after a backslash for quoted-strings.
|
||||||
|
|
||||||
|
Reported by Peng <howtofly(at)gmail.com>
|
||||||
|
|
||||||
2013-08-13 Peng <howtofly(at)gmail.com>
|
2013-08-13 Peng <howtofly(at)gmail.com>
|
||||||
|
|
||||||
Patch to make scanner_get_token more robust (avoid over-reading).
|
Patch to make scanner_get_token more robust (avoid over-reading).
|
||||||
|
|||||||
@ -143,9 +143,9 @@ static UPNP_INLINE void scanner_init(OUT scanner_t *scanner, IN membuffer *bufpt
|
|||||||
* Description : Finds the separator character.
|
* Description : Finds the separator character.
|
||||||
*
|
*
|
||||||
************************************************************************/
|
************************************************************************/
|
||||||
static UPNP_INLINE int is_separator_char(IN char c)
|
static UPNP_INLINE int is_separator_char(IN int c)
|
||||||
{
|
{
|
||||||
return strchr(" \t()<>@,;:\\\"/[]?={}", (int)c) != NULL;
|
return strchr(" \t()<>@,;:\\\"/[]?={}", c) != 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/************************************************************************
|
/************************************************************************
|
||||||
@ -157,7 +157,7 @@ static UPNP_INLINE int is_separator_char(IN char c)
|
|||||||
* Description : Calls the function to indentify separator character
|
* Description : Calls the function to indentify separator character
|
||||||
*
|
*
|
||||||
************************************************************************/
|
************************************************************************/
|
||||||
static UPNP_INLINE int is_identifier_char(IN char c)
|
static UPNP_INLINE int is_identifier_char(IN int c)
|
||||||
{
|
{
|
||||||
return c >= 32 && c <= 126 && !is_separator_char(c);
|
return c >= 32 && c <= 126 && !is_separator_char(c);
|
||||||
}
|
}
|
||||||
@ -171,7 +171,7 @@ static UPNP_INLINE int is_identifier_char(IN char c)
|
|||||||
* Description : Determines if the passed value is a control character
|
* Description : Determines if the passed value is a control character
|
||||||
*
|
*
|
||||||
************************************************************************/
|
************************************************************************/
|
||||||
static UPNP_INLINE int is_control_char(IN char c)
|
static UPNP_INLINE int is_control_char(IN int c)
|
||||||
{
|
{
|
||||||
return (c >= 0 && c <= 31) || c == 127;
|
return (c >= 0 && c <= 31) || c == 127;
|
||||||
}
|
}
|
||||||
@ -185,20 +185,16 @@ static UPNP_INLINE int is_control_char(IN char c)
|
|||||||
* Description : Checks to see if the passed in value is CR/LF
|
* Description : Checks to see if the passed in value is CR/LF
|
||||||
*
|
*
|
||||||
************************************************************************/
|
************************************************************************/
|
||||||
static UPNP_INLINE int is_qdtext_char(IN char cc)
|
static UPNP_INLINE int is_qdtext_char(IN int c)
|
||||||
{
|
{
|
||||||
unsigned char c = ( unsigned char )cc;
|
/* we don't check for this; it's checked in get_token() */
|
||||||
|
assert( c != '"' );
|
||||||
|
|
||||||
/* we don't check for this; it's checked in get_token() */
|
return
|
||||||
assert( c != '"' );
|
(c >= 32 && c != 127) ||
|
||||||
|
c == TOKCHAR_CR ||
|
||||||
if( ( c >= 32 && c != 127 ) ||
|
c == TOKCHAR_LF ||
|
||||||
( c == TOKCHAR_CR || c == TOKCHAR_LF || c == '\t' )
|
c == '\t';
|
||||||
) {
|
|
||||||
return TRUE;
|
|
||||||
} else {
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/************************************************************************
|
/************************************************************************
|
||||||
@ -226,7 +222,7 @@ static parse_status_t scanner_get_token(
|
|||||||
{
|
{
|
||||||
char *cursor;
|
char *cursor;
|
||||||
char *null_terminator; /* point to null-terminator in buffer */
|
char *null_terminator; /* point to null-terminator in buffer */
|
||||||
char c;
|
int c;
|
||||||
token_type_t token_type;
|
token_type_t token_type;
|
||||||
int got_end_quote;
|
int got_end_quote;
|
||||||
|
|
||||||
@ -294,8 +290,7 @@ static parse_status_t scanner_get_token(
|
|||||||
} else if (c == '\\') {
|
} else if (c == '\\') {
|
||||||
if (cursor < null_terminator) {
|
if (cursor < null_terminator) {
|
||||||
c = *cursor++;
|
c = *cursor++;
|
||||||
/*if ( !(c > 0 && c <= 127) ) */
|
if (c < 0 || c > 127)
|
||||||
if (c == 0)
|
|
||||||
return PARSE_FAILURE;
|
return PARSE_FAILURE;
|
||||||
}
|
}
|
||||||
/* else, while loop handles incomplete buf */
|
/* else, while loop handles incomplete buf */
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user