You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2021/11/14 11:22:07 UTC
svn commit: r1895023 - in /httpd/httpd/trunk/server: apreq_parser_multipart.c apreq_util.c
Author: ylavic
Date: Sun Nov 14 11:22:07 2021
New Revision: 1895023
URL: http://svn.apache.org/viewvc?rev=1895023&view=rev
Log:
Sync r1895020 and r1895021 from libapreq.
Modified:
httpd/httpd/trunk/server/apreq_parser_multipart.c
httpd/httpd/trunk/server/apreq_util.c
Modified: httpd/httpd/trunk/server/apreq_parser_multipart.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/apreq_parser_multipart.c?rev=1895023&r1=1895022&r2=1895023&view=diff
==============================================================================
--- httpd/httpd/trunk/server/apreq_parser_multipart.c (original)
+++ httpd/httpd/trunk/server/apreq_parser_multipart.c Sun Nov 14 11:22:07 2021
@@ -240,6 +240,8 @@ struct mfd_ctx * create_multipart_contex
(const char **)&ctx->bdry, &blen);
if (s != APR_SUCCESS)
return NULL; /* missing boundary */
+ if (!ctx->bdry || !*ctx->bdry)
+ return NULL; /* boundary with no or empty value */
ctx->bdry[blen] = 0;
Modified: httpd/httpd/trunk/server/apreq_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/apreq_util.c?rev=1895023&r1=1895022&r2=1895023&view=diff
==============================================================================
--- httpd/httpd/trunk/server/apreq_util.c (original)
+++ httpd/httpd/trunk/server/apreq_util.c Sun Nov 14 11:22:07 2021
@@ -868,7 +868,7 @@ APREQ_DECLARE(apr_status_t)
case '=':
case ';':
case ',':
- v = hde + 1;
+ v = hde;
hde -= tail;
break;
case ' ':
@@ -891,12 +891,13 @@ APREQ_DECLARE(apr_status_t)
}
/* Parse the value => (*val, *vlen) */
- if (v[-1] == '=') {
+ if (*v == '=') {
if (hde == hdr) {
/* The name can't be empty */
return APREQ_ERROR_BADATTR;
}
+ ++v;
while (IS_SPACE_CHAR(*v))
++v;