Return-Path: Delivered-To: apmail-httpd-bugs-archive@www.apache.org Received: (qmail 6641 invoked from network); 11 Feb 2011 23:01:25 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 11 Feb 2011 23:01:25 -0000 Received: (qmail 76538 invoked by uid 500); 11 Feb 2011 23:01:25 -0000 Delivered-To: apmail-httpd-bugs-archive@httpd.apache.org Received: (qmail 76402 invoked by uid 500); 11 Feb 2011 23:01:24 -0000 Mailing-List: contact bugs-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: "Apache HTTPD Bugs Notification List" List-Id: Delivered-To: mailing list bugs@httpd.apache.org Received: (qmail 76392 invoked by uid 99); 11 Feb 2011 23:01:24 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Feb 2011 23:01:24 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Feb 2011 23:01:21 +0000 Received: from thor.apache.org (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id p1BN10O2026781 for ; Fri, 11 Feb 2011 23:01:00 GMT Received: (from daemon@localhost) by thor.apache.org (8.13.8+Sun/8.13.8/Submit) id p1BN0xo1026780; Fri, 11 Feb 2011 18:00:59 -0500 (EST) Date: Fri, 11 Feb 2011 18:00:59 -0500 (EST) Message-Id: <201102112300.p1BN0xo1026780@thor.apache.org> From: bugzilla@apache.org To: bugs@httpd.apache.org Subject: DO NOT REPLY [Bug 50199] ap_cache_liststr fails to parse quoted strings X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Apache httpd-2 X-Bugzilla-Component: mod_cache X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: minfrin@sharp.fm X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: bugs@httpd.apache.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: In-Reply-To: References: X-Bugzilla-URL: https://issues.apache.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org https://issues.apache.org/bugzilla/show_bug.cgi?id=50199 --- Comment #1 from Graham Leggett 2011-02-11 18:00:56 EST --- The following patch fixes this issue, however waiting to find out whether this functions belongs in mod_cache, or in APR. Index: modules/cache/cache_util.c =================================================================== --- modules/cache/cache_util.c (revision 1069969) +++ modules/cache/cache_util.c (working copy) @@ -27,6 +27,8 @@ extern module AP_MODULE_DECLARE_DATA cache_module; +#define CACHE_SEPARATOR ", " + /* Determine if "url" matches the hostname, scheme and port and path * in "filter". All but the path comparisons are case-insensitive. */ @@ -1022,6 +1024,74 @@ } /** + * String tokenizer that ignores separator characters within quoted strings + * and escaped characters, as per RFC2616 section 2.2. + */ +static char *cache_strqtok(char *str, const char *sep, char **last) +{ + char *token; + int quoted = 0; + + if (!str) { /* subsequent call */ + str = *last; /* start where we left off */ + } + + /* skip characters in sep (will terminate at '\0') */ + while (*str && strchr(sep, *str)) { + ++str; + } + + if (!*str) { /* no more tokens */ + return NULL; + } + + token = str; + + /* skip valid token characters to terminate token and + * prepare for the next call (will terminate at '\0) + * on the way, ignore all quoted strings, and within + * quoted strings, escaped characters. + */ + *last = token + 1; + while (**last) { + if (!quoted) { + if (**last == '\"') { + quoted = 1; + ++*last; + } + else if (!strchr(sep, **last)) { + ++*last; + } + else { + break; + } + } + else { + if (**last == '\"') { + quoted = 0; + ++*last; + } + else if (**last == '\\') { + ++*last; + if (**last) { + ++*last; + } + } + else { + ++*last; + } + } + } + + if (**last) { + **last = '\0'; + ++*last; + } + + return token; +} + +/** * Parse the Cache-Control and Pragma headers in one go, marking * which tokens appear within the header. Populate the structure * passed in. @@ -1043,7 +1113,7 @@ if (pragma_header) { char *header = apr_pstrdup(r->pool, pragma_header); - const char *token = apr_strtok(header, ", ", &last); + const char *token = cache_strqtok(header, CACHE_SEPARATOR, &last); while (token) { /* handle most common quickest case... */ if (!strcmp(token, "no-cache")) { @@ -1053,14 +1123,14 @@ else if (!strcasecmp(token, "no-cache")) { cc->no_cache = 1; } - token = apr_strtok(NULL, ", ", &last); + token = cache_strqtok(NULL, CACHE_SEPARATOR, &last); } cc->pragma = 1; } if (cc_header) { char *header = apr_pstrdup(r->pool, cc_header); - const char *token = apr_strtok(header, ", ", &last); + const char *token = cache_strqtok(header, CACHE_SEPARATOR, &last); while (token) { switch (token[0]) { case 'n': @@ -1178,7 +1248,7 @@ break; } } - token = apr_strtok(NULL, ", ", &last); + token = cache_strqtok(NULL, CACHE_SEPARATOR, &last); } cc->cache_control = 1; } -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org For additional commands, e-mail: bugs-help@httpd.apache.org