You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2021/11/17 15:25:00 UTC
svn commit: r1895108 - /httpd/httpd/trunk/server/apreq_parser_multipart.c
Author: ylavic
Date: Wed Nov 17 15:25:00 2021
New Revision: 1895108
URL: http://svn.apache.org/viewvc?rev=1895108&view=rev
Log:
Sync r1895107 from libapreq.
Modified:
httpd/httpd/trunk/server/apreq_parser_multipart.c
Modified: httpd/httpd/trunk/server/apreq_parser_multipart.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/apreq_parser_multipart.c?rev=1895108&r1=1895107&r2=1895108&view=diff
==============================================================================
--- httpd/httpd/trunk/server/apreq_parser_multipart.c (original)
+++ httpd/httpd/trunk/server/apreq_parser_multipart.c Wed Nov 17 15:25:00 2021
@@ -422,22 +422,27 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
goto mfd_parse_brigade;
}
- next_ctx->param_name = "";
-
if (cd != NULL) {
s = apreq_header_attribute(cd, "name", 4,
&name, &nlen);
- if (s == APR_SUCCESS) {
- next_ctx->param_name
- = apr_pstrmemdup(pool, name, nlen);
+ if (s == APR_SUCCESS && nlen) {
+ next_ctx->param_name = apr_pstrmemdup(pool, name,
+ nlen);
+ }
+ else if (s != APREQ_ERROR_NOATTR) {
+ ctx->status = MFD_ERROR;
+ goto mfd_parse_brigade;
+ }
+ }
+ if (!next_ctx->param_name) {
+ const char *cid = apr_table_get(ctx->info,
+ "Content-ID");
+ if (cid) {
+ next_ctx->param_name = apr_pstrdup(pool, cid);
}
else {
- const char *cid = apr_table_get(ctx->info,
- "Content-ID");
- if (cid != NULL)
- next_ctx->param_name = apr_pstrdup(pool, cid);
+ next_ctx->param_name = "";
}
-
}
ctx->next_parser = apreq_parser_make(pool, ba, ct,
@@ -455,14 +460,14 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
if (cd != NULL && strncmp(cd, "form-data", 9) == 0) {
s = apreq_header_attribute(cd, "name", 4, &name, &nlen);
- if (s != APR_SUCCESS) {
+ if (s != APR_SUCCESS || !nlen) {
ctx->status = MFD_ERROR;
goto mfd_parse_brigade;
}
s = apreq_header_attribute(cd, "filename",
8, &filename, &flen);
- if (s == APR_SUCCESS) {
+ if (s == APR_SUCCESS && flen) {
apreq_param_t *param;
param = apreq_param_make(pool, name, nlen,
@@ -475,6 +480,10 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
ctx->status = MFD_UPLOAD;
goto mfd_parse_brigade;
}
+ else if (s != APREQ_ERROR_NOATTR) {
+ ctx->status = MFD_ERROR;
+ goto mfd_parse_brigade;
+ }
else {
ctx->param_name = apr_pstrmemdup(pool, name, nlen);
ctx->status = MFD_PARAM;
@@ -488,7 +497,7 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
s = apreq_header_attribute(cd, "filename",
8, &filename, &flen);
- if (s != APR_SUCCESS || ctx->param_name == NULL) {
+ if (s != APR_SUCCESS || !flen || !ctx->param_name) {
ctx->status = MFD_ERROR;
goto mfd_parse_brigade;
}