httpd-bugs mailing list archives

From bugzi...@apache.org
Subject DO NOT REPLY [Bug 52370] New: apreq_decode/url_decode length miscalculation
Date Mon, 19 Dec 2011 21:36:18 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=52370

             Bug #: 52370
           Summary: apreq_decode/url_decode length miscalculation
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libapreq2
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: gleonid@yahoo.com
    Classification: Unclassified


In libapreq2-2.13.

In the library/util.c file there is a bug in the apreq_decode implementation.

The bug appears when the destination buffer is the same as the source.

Basically, the problem is that if the source string has at least one non-encoded
character at the beginning, the resulting (decoded) string length ends up being
less than it should be.

Here is a proposed patch:

# diff -rNu util.c.orig util.c > util.c.patch
# patch util.c <<
--- util.c.orig Thu Mar 05 19:39:07 2009
+++ util.c  Wed Dec 02 16:08:13 2009
@@ -432,6 +432,7 @@
 {
     apr_size_t len = 0;
     const char *end = s + slen;
+    apr_status_t status = APR_SUCCESS;

     if (s == (const char *)d) {     /* optimize for src = dest case */
         for ( ; d < end; ++d) {
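Review bot: the `= APR_SUCCESS` initializer on the new `status` declaration is never read, because the only use of `status` in this patch assigns it from `url_decode()` first. Declare it without an initializer, so that a later code path which forgets to set it is flagged by the compiler instead of silently returning success.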
@@ -447,7 +448,10 @@
         slen -= len;
     }

-    return url_decode(d, dlen, s, &slen);
+    status = url_decode(d, dlen, s, &slen);
+    if (APR_SUCCESS == status)
+        *dlen += len;
+    return status;
 }

 APREQ_DECLARE(apr_status_t) apreq_decodev(char *d, apr_size_t *dlen,
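Review bot: `*dlen += len` at the end of `apreq_decode` is applied only when `status` is `APR_SUCCESS`, so on any failure return the caller still gets a `*dlen` that omits the `len` bytes skipped by the src = dest fast path. If `url_decode()` stores a partial length in `*dlen` on its error paths (not visible in this hunk), add `len` unconditionally so the reported length is relative to the start of the buffer in both cases; otherwise document that `*dlen` is undefined on error. A regression test that decodes in place a string with an unencoded prefix would pin the behaviour.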
<<
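
The miscalculation described in the report, modelled as an added example that is not libapreq2 code and not part of the original message. `toy_decode`, `toy_url_decode`, `hexval` and `reported_len` are hypothetical names, and the fast-path skip rule (stop at the first `%` or `+`) is an assumption, since the loop body is not shown in the patch.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

static int hexval(unsigned char c) {
    return isdigit(c) ? c - '0' : isxdigit(c) ? (c | 0x20) - 'a' + 10 : -1;
}

/* Hypothetical stand-in for url_decode(): returns 0, or -1 on a bad escape. */
static int toy_url_decode(char *d, size_t *dlen, const char *s, size_t slen) {
    const char *end = s + slen;
    int hi, lo;
    for (*dlen = 0; s < end; s++, ++*dlen) {
        if (*s != '%') {
            *d++ = (*s == '+') ? ' ' : *s;
            continue;
        }
        if (end - s < 3 || (hi = hexval(s[1])) < 0 || (lo = hexval(s[2])) < 0)
            return -1;
        *d++ = (char)(hi * 16 + lo);
        s += 2;                      /* the loop increment consumes the third byte */
    }
    *d = '\0';
    return 0;
}

/* Model of the src == dest fast path; patched = 0 gives pre-patch behaviour. */
static int toy_decode(char *d, size_t *dlen, const char *s, size_t slen, int patched) {
    size_t len = 0;
    int status;
    if (s == (const char *)d) {      /* assumed skip rule: stop at '%' or '+' */
        while (len < slen && s[len] != '%' && s[len] != '+')
            len++;
        d += len; s += len; slen -= len;
    }
    status = toy_url_decode(d, dlen, s, slen);
    if (patched && status == 0)
        *dlen += len;                /* count the skipped prefix, as the patch does */
    return status;
}

/* Decode a constructed input in place and return the length reported in *dlen. */
size_t reported_len(const char *input, int patched) {
    char buf[64] = {0};
    size_t dlen = 0;
    strncpy(buf, input, sizeof buf - 1);
    toy_decode(buf, &dlen, buf, strlen(buf), patched);
    return dlen;
}
```

In this model the buffer holds the full decoded string either way; only the reported length is short, so a caller that trusts `*dlen` works with a truncated view of the value.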
