Posted to commits@trafficserver.apache.org by zw...@apache.org on 2018/04/06 23:40:47 UTC
[trafficserver] branch master updated: Fixed length calculation for
url_sig excl regexes.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 96466de Fixed length calculation for url_sig excl regexes.
96466de is described below
commit 96466de3093d1c8734ea2d82861101c1adb97fef
Author: Chris Lemmons <al...@gmail.com>
AuthorDate: Fri Apr 6 11:55:55 2018 -0600
Fixed length calculation for url_sig excl regexes.
The old calculation was incorrectly calculating the length to be
searched. Fortunately, it was not possible for the length to be
overlong, so there is no security concern, simply a bug that caused some
requests that should have been whitelisted via the excl regex to be
validated (and therefore to fail) incorrectly.
This change corrects the calculation.
---
plugins/experimental/url_sig/url_sig.c | 18 ++++++++----------
1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/plugins/experimental/url_sig/url_sig.c b/plugins/experimental/url_sig/url_sig.c
index 5397d3f..b0400a3 100644
--- a/plugins/experimental/url_sig/url_sig.c
+++ b/plugins/experimental/url_sig/url_sig.c
@@ -509,17 +509,15 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
const char *query = strchr(url, '?');
if (cfg->regex) {
- int offset = 0, options = 0;
+ const int offset = 0, options = 0;
int ovector[30];
- int len = url_len;
- const char *anchor = strchr(url, '#');
- if (query && !anchor) {
- len -= (query - url);
- } else if (anchor && !query) {
- len -= (anchor - url);
- } else if (anchor && query) {
- len -= ((query < anchor ? query : anchor) - url);
- }
+
+ /* Only search up to the first ? or # */
+ const char *base_url_end = url;
+ while (*base_url_end && !(*base_url_end == '?' || *base_url_end == '#'))
+ ++base_url_end;
+ const int len = base_url_end - url;
+
if (pcre_exec(cfg->regex, cfg->regex_extra, url, len, offset, options, ovector, 30) >= 0) {
goto allow;
}
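Review bot: The new scan loop `while (*base_url_end && !(*base_url_end == '?' || *base_url_end == '#'))` is a hand-rolled `strcspn` and, like the `strchr(url, '?')` call above it, depends on `url` being NUL-terminated; `url_len` is no longer consulted in this block. Consider `const int len = (int)strcspn(url, "?#");`, or bounding the loop with `url_len` so that the length handed to `pcre_exec` can never exceed the buffer even if the termination assumption changes. The assignment `const int len = base_url_end - url;` also narrows a pointer difference to `int` implicitly, so an explicit cast would make the intent clear. Since the commit message says the old calculation caused excluded URLs to be validated and fail, a regression test covering URLs with only `?`, only `#`, both, and neither would pin down the corrected behaviour.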