oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(handle_tcp): remove %-escapes in request

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6253 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1999-05-18 12:06:55 +00:00
parent 7ccd04a7e2
commit d661025c46
1 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
kdc/connect.c
View File

@@ -411,6 +411,26 @@ clear_descr(struct descr *d)
d->s = -1; d->s = -1;
} }
/* remove HTTP %-quoting from buf */
static int
de_http(char *buf)
{
char *p, *q;
for(p = q = buf; *p; p++, q++) {
if(*p == '%') {
unsigned int x;
if(sscanf(p + 1, "%2x", &x) != 1)
return -1;
*q = x;
p += 2;
} else
*q = *p;
}
*q = '\0';
return 0;
}
#define TCP_TIMEOUT 4 #define TCP_TIMEOUT 4
static void static void
@@ -519,6 +539,13 @@ handle_tcp(struct descr *d, int index, int min_free)
} }
if(*t == '/') if(*t == '/')
t++; t++;
if(de_http(t) != 0) {
kdc_log(0, "Malformed HTTP request from %s", addr);
kdc_log(5, "Request: %s", t);
clear_descr(d + index);
free(data);
goto out;
}
len = base64_decode(t, data); len = base64_decode(t, data);
if(len <= 0){ if(len <= 0){
const char *msg = const char *msg =