You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Joe Orton <jo...@redhat.com> on 2004/01/03 17:45:21 UTC
Re: cvs commit: httpd-2.0/server gen_test_char.c
On Sat, Jan 03, 2004 at 04:31:32PM -0000, ben@apache.org wrote:
> ben 2004/01/03 08:31:32
>
> Modified: server gen_test_char.c
> Log:
> Make forensic logging safe for POST data. The issue with strchr and NUL is
> a red herring.
I don't think this is a safe change: 0 is now flagged with
T_ESCAPE_FORENSIC|T_ESCAPE_LOGITEM|T_HTTP_TOKEN_STOP|T_ESCAPE_SHELL_CMD.
At least ap_find_token() assumes that 0 is not flagged with
T_HTTP_TOKEN_STOP.
>
> Revision Changes Path
> 1.19 +3 -7 httpd-2.0/server/gen_test_char.c
>
> Index: gen_test_char.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/server/gen_test_char.c,v
> retrieving revision 1.18
> retrieving revision 1.19
> diff -u -r1.18 -r1.19
> --- gen_test_char.c 3 Jan 2004 15:33:41 -0000 1.18
> +++ gen_test_char.c 3 Jan 2004 16:31:32 -0000 1.19
> @@ -90,8 +90,7 @@
> "#define T_ESCAPE_LOGITEM (%u)\n"
> "#define T_ESCAPE_FORENSIC (%u)\n"
> "\n"
> - "static const unsigned char test_char_table[256] = {\n"
> - " 0,",
> + "static const unsigned char test_char_table[256] = {",
> T_ESCAPE_SHELL_CMD,
> T_ESCAPE_PATH_SEGMENT,
> T_OS_ESCAPE_PATH,
> @@ -99,10 +98,7 @@
> T_ESCAPE_LOGITEM,
> T_ESCAPE_FORENSIC);
>
> - /* we explicitly dealt with NUL above
> - * in case some strchr() do bogosity with it */
> -
> - for (c = 1; c < 256; ++c) {
> + for (c = 0; c < 256; ++c) {
> flags = 0;
> if (c % 20 == 0)
> printf("\n ");
> @@ -154,7 +150,7 @@
> * :, | (used as delimiters) and % (used for escaping).
> */
> if (!apr_isprint(c) || c == ':' || c == '|' || c == '%'
> - || apr_iscntrl(c)) {
> + || apr_iscntrl(c) || !c) {
> flags |= T_ESCAPE_FORENSIC;
> }
>
>
>
>
Re: cvs commit: httpd-2.0/server gen_test_char.c
Posted by Ben Laurie <be...@algroup.co.uk>.
Joe Orton wrote:
> On Sat, Jan 03, 2004 at 04:31:32PM -0000, ben@apache.org wrote:
>
>>ben 2004/01/03 08:31:32
>>
>> Modified: server gen_test_char.c
>> Log:
>> Make forensic logging safe for POST data. The issue with strchr and NUL is
>> a red herring.
>
>
> I don't think this is a safe change: 0 is now flagged with
> T_ESCAPE_FORENSIC|T_ESCAPE_LOGITEM|T_HTTP_TOKEN_STOP|T_ESCAPE_SHELL_CMD.
> At least ap_find_token() assumes that 0 is not flagged with
> T_HTTP_TOKEN_STOP.
I shall fix it.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff