kdc: de_http stricter parsing
In de_http() treat any sequence of '%' not followed by two hex digits as invalid. Change-Id: I812665c1a2806f8daba06d267bbee57287aa2314
This commit is contained in:
Jeffrey Altman
committed by
Viktor Dukhovni
Viktor Dukhovni
parent
097e96cbf4
commit
ebae52f3cc
@@ -515,15 +515,21 @@ static int
|
|||||||
de_http(char *buf)
|
de_http(char *buf)
|
||||||
{
|
{
|
||||||
unsigned char *p, *q;
|
unsigned char *p, *q;
|
||||||
for(p = q = (unsigned char *)buf; *p; p++, q++) {
|
unsigned int x;
|
||||||
if(*p == '%' && isxdigit(p[1]) && isxdigit(p[2])) {
|
|
||||||
unsigned int x;
|
for (p = q = (unsigned char *)buf; *p; p++, q++) {
|
||||||
if(sscanf((char *)p + 1, "%2x", &x) != 1)
|
if (*p == '%') {
|
||||||
|
if (!(isxdigit(p[1]) && isxdigit(p[2])))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
if (sscanf((char *)p + 1, "%2x", &x) != 1)
|
||||||
|
return -1;
|
||||||
|
|
||||||
*q = x;
|
*q = x;
|
||||||
p += 2;
|
p += 2;
|
||||||
} else
|
} else {
|
||||||
*q = *p;
|
*q = *p;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
*q = '\0';
|
*q = '\0';
|
||||||
return 0;
|
return 0;
|
||||||
|
|||||||
Reference in New Issue
Block a user