You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Randy Terbush <ra...@zyzzyva.com> on 1997/05/07 06:11:09 UTC
[PATCH] SEGV in unescape_url()
This should probably not SEGV if passed a NULL argument. The change
is just a one liner. The rest is just formating changes.
Index: util.c
===================================================================
RCS file: /export/home/cvs/apache/src/util.c,v
retrieving revision 1.52
diff -c -r1.52 util.c
*** util.c 1997/04/12 04:24:59 1.52
--- util.c 1997/05/07 04:10:39
***************
*** 755,775 ****
* returns NOT_FOUND
*/
int
! unescape_url(char *url) {
! register int x,y, badesc, badpath;
badesc = 0;
badpath = 0;
! for(x=0,y=0;url[y];++x,++y) {
! if (url[y] != '%') url[x] = url[y];
! else
! {
! if (!isxdigit(url[y+1]) || !isxdigit(url[y+2]))
! {
badesc = 1;
url[x] = '%';
! } else
! {
url[x] = x2c(&url[y+1]);
y += 2;
if (url[x] == '/' || url[x] == '\0') badpath = 1;
--- 755,779 ----
* returns NOT_FOUND
*/
int
! unescape_url(char *url)
! {
! register int x, y, badesc, badpath;
+ if (!url) return OK;
+
badesc = 0;
badpath = 0;
!
! for(x=0,y=0; url[y]; ++x,++y) {
! if (url[y] != '%') {
! url[x] = url[y];
! }
! else {
! if (!isxdigit(url[y+1]) || !isxdigit(url[y+2])) {
badesc = 1;
url[x] = '%';
! }
! else {
url[x] = x2c(&url[y+1]);
y += 2;
if (url[x] == '/' || url[x] == '\0') badpath = 1;