You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2022/11/02 13:20:13 UTC
svn commit: r1905018 - in /httpd/apreq/trunk: CHANGES library/parser_multipart.c library/t/util.c
Author: ylavic
Date: Wed Nov 2 13:20:13 2022
New Revision: 1905018
URL: http://svn.apache.org/viewvc?rev=1905018&view=rev
Log:
apreq_parse_multipart: allow (back) empty parts' "name" and "filename".
Fixes regression in v2.17, restoring the behaviour of v2.16.
Submitted by: Joe Schaefer
Modified:
httpd/apreq/trunk/CHANGES
httpd/apreq/trunk/library/parser_multipart.c
httpd/apreq/trunk/library/t/util.c
Modified: httpd/apreq/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/apreq/trunk/CHANGES?rev=1905018&r1=1905017&r2=1905018&view=diff
==============================================================================
--- httpd/apreq/trunk/CHANGES (original)
+++ httpd/apreq/trunk/CHANGES Wed Nov 2 13:20:13 2022
@@ -3,6 +3,9 @@
@subsubsection v2_18 Changes with libapreq2-2.18 (in development)
+- Multipart parser
+ Allow empty part "name" and "filename" (restore v2.16 behaviour).
+
@subsubsection v2_17 Changes with libapreq2-2.17 (released 25 August, 2022)
- Multipart header parser [Yann Ylavic]
Modified: httpd/apreq/trunk/library/parser_multipart.c
URL: http://svn.apache.org/viewvc/httpd/apreq/trunk/library/parser_multipart.c?rev=1905018&r1=1905017&r2=1905018&view=diff
==============================================================================
--- httpd/apreq/trunk/library/parser_multipart.c (original)
+++ httpd/apreq/trunk/library/parser_multipart.c Wed Nov 2 13:20:13 2022
@@ -425,7 +425,7 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
if (cd != NULL) {
s = apreq_header_attribute(cd, "name", 4,
&name, &nlen);
- if (s == APR_SUCCESS && nlen) {
+ if (s == APR_SUCCESS) {
next_ctx->param_name = apr_pstrmemdup(pool, name,
nlen);
}
@@ -460,14 +460,14 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
if (cd != NULL && strncmp(cd, "form-data", 9) == 0) {
s = apreq_header_attribute(cd, "name", 4, &name, &nlen);
- if (s != APR_SUCCESS || !nlen) {
+ if (s != APR_SUCCESS) {
ctx->status = MFD_ERROR;
goto mfd_parse_brigade;
}
s = apreq_header_attribute(cd, "filename",
8, &filename, &flen);
- if (s == APR_SUCCESS && flen) {
+ if (s == APR_SUCCESS) {
apreq_param_t *param;
param = apreq_param_make(pool, name, nlen,
@@ -497,7 +497,7 @@ APREQ_DECLARE_PARSER(apreq_parse_multipa
s = apreq_header_attribute(cd, "filename",
8, &filename, &flen);
- if (s != APR_SUCCESS || !flen || !ctx->param_name) {
+ if (s != APR_SUCCESS || !ctx->param_name) {
ctx->status = MFD_ERROR;
goto mfd_parse_brigade;
}
Modified: httpd/apreq/trunk/library/t/util.c
URL: http://svn.apache.org/viewvc/httpd/apreq/trunk/library/t/util.c?rev=1905018&r1=1905017&r2=1905018&view=diff
==============================================================================
--- httpd/apreq/trunk/library/t/util.c (original)
+++ httpd/apreq/trunk/library/t/util.c Wed Nov 2 13:20:13 2022
@@ -152,7 +152,7 @@ static void test_encode(dAT, void *ctx)
static void test_cp1252_to_utf8(dAT, void *ctx)
{
char src1[] = "%C3%80%E3%82%a2"; /* A_GRAVE KATAKANA_A as utf8 */
- char src2[5];
+ char src2[6]; /* + '\0' */
unsigned char expect[16];
apr_size_t slen;
@@ -270,7 +270,9 @@ static void test_file_mktemp(dAT, void *
static void test_header_attribute(dAT, void *ctx)
{
- const char hdr[] = "name=\"filename=foo\"; filename=\"quux.txt\"";
+ const char hdr[] = "form-data; name=\"filename=foo\"; filename=\"quux.txt\"";
+ const char opera[] = "form-data; name=\"foo\"; filename=\"\"";
+ const char empty[] = "form-data; name=\"\"; filename=\"\"";
const char *val;
apr_size_t vlen;
@@ -278,12 +280,25 @@ static void test_header_attribute(dAT, v
APR_SUCCESS);
AT_int_eq(vlen, 12);
AT_mem_eq("filename=foo", val, 12);
-
AT_int_eq(apreq_header_attribute(hdr, "filename", 8, &val, &vlen),
APR_SUCCESS);
AT_int_eq(vlen, 8);
AT_mem_eq("quux.txt", val, 8);
+ AT_int_eq(apreq_header_attribute(opera, "name", 4, &val, &vlen),
+ APR_SUCCESS);
+ AT_int_eq(vlen, 3);
+ AT_mem_eq("foo", val, 3);
+ AT_int_eq(apreq_header_attribute(opera, "filename", 8, &val, &vlen),
+ APR_SUCCESS);
+ AT_int_eq(vlen, 0);
+
+ AT_int_eq(apreq_header_attribute(empty, "name", 4, &val, &vlen),
+ APR_SUCCESS);
+ AT_int_eq(vlen,0);
+ AT_int_eq(apreq_header_attribute(empty, "filename", 8, &val, &vlen),
+ APR_SUCCESS);
+ AT_int_eq(vlen, 0);
}
static void test_brigade_concat(dAT, void *ctx)
@@ -315,7 +330,7 @@ int main(int argc, char *argv[])
{ dT(test_join, 0) },
{ dT(test_brigade_fwrite, 0) },
{ dT(test_file_mktemp, 0) },
- { dT(test_header_attribute, 6) },
+ { dT(test_header_attribute, 15) },
{ dT(test_brigade_concat, 0) },
};