httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@kiwi.ICS.UCI.EDU>
Subject Re: [BUG]: "unescape_url don't convert '+' to blank" on Linux (fwd)
Date Fri, 07 Mar 1997 16:54:30 GMT
>> From nobody@hyperreal.com  Tue Feb 25 14:23:58 1997
>> Message-Id: <199702251924.LAA02629@taz.hyperreal.com>
>> From: richter@ecos.de
>> To: awm@qosina.com
>> Date: Tue Feb 25 11:24:10 1997
>> Subject: [BUG]: "unescape_url don't convert '+' to blank" on Linux
>> 
>> Submitter: richter@ecos.de
>> Operating system: Linux, version: 2.0.26
>> Version of Apache Used: 1.2b7
>> Extra Modules used: mod_perl
>> URL exhibiting problem: 
>> 
>> Symptoms:
>> --
>> unescape_url don't convert the plus sign to blank. This makes trouble when u
>sing it to unescape form contents, which may contain blanks. The following pat
>ch to util.c should fix the problem:
>> 
>> --- util.c.orig Tue Feb 25 13:17:58 1997
>> +++ util.c      Tue Feb 25 15:33:46 1997
>> @@ -744,7 +744,8 @@
>>      badesc = 0;
>>      badpath = 0;
>>      for(x=0,y=0;url[y];++x,++y) {
>> -       if (url[y] != '%') url[x] = url[y];
>> +       if (url[y] == '+') url[x] = ' ';
>> +       else if (url[y] != '%') url[x] = url[y];
>>         else
>>         {
>>             if (!isxdigit(url[y+1]) || !isxdigit(url[y+2]))
>> 

That patch will cause your server to fail on any file/directory
name that contains a "+" (a perfectly legal filename character on Unix).
unescape_url is not intended to unescape the query info part of a URL,
and the CGI is capable of doing that on its own anyway.

.....Roy   [that's a big -1, dudes]

Mime
View raw message