You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2022/08/17 16:02:39 UTC
svn commit: r1903496 - /httpd/apreq/trunk/library/util.c
Author: ylavic
Date: Wed Aug 17 16:02:39 2022
New Revision: 1903496
URL: http://svn.apache.org/viewvc?rev=1903496&view=rev
Log:
library/util: Don't refuse value only attributes (with no name=).
* library/util.c(apreq_header_attribute):
If an attribute has no name, it should be considered a value only, thus
non-token characters are allowed (besides control chars still).
Modified:
httpd/apreq/trunk/library/util.c
Modified: httpd/apreq/trunk/library/util.c
URL: http://svn.apache.org/viewvc/httpd/apreq/trunk/library/util.c?rev=1903496&r1=1903495&r2=1903496&view=diff
==============================================================================
--- httpd/apreq/trunk/library/util.c (original)
+++ httpd/apreq/trunk/library/util.c Wed Aug 17 16:02:39 2022
@@ -855,6 +855,7 @@ APREQ_DECLARE(apr_status_t)
do {
const char *hde, *v;
apr_size_t tail = 0;
+ int name_is_token = 1;
/* Parse the name => [hdr:hde[ */
hde = hdr;
@@ -879,12 +880,15 @@ APREQ_DECLARE(apr_status_t)
++hde;
goto look_for_end_name;
default:
- /* The name is a token */
- if (!IS_TOKEN_CHAR(*hde))
+ /* No control chars */
+ if (apr_iscntrl(*hde))
return APREQ_ERROR_BADCHAR;
/* Nothing after the tail */
if (tail)
return APREQ_ERROR_BADATTR;
+ /* Mark non-token for the name=value case */
+ if (!IS_TOKEN_CHAR(*hde))
+ name_is_token = 0;
++hde;
goto look_for_end_name;
}
@@ -895,6 +899,10 @@ APREQ_DECLARE(apr_status_t)
/* The name can't be empty */
return APREQ_ERROR_BADATTR;
}
+ if (!name_is_token) {
+ /* The name must be a token in a name=value pair */
+ return APREQ_ERROR_BADCHAR;
+ }
++v;
while (IS_SPACE_CHAR(*v))