libmicrohttpd

HTTP/1.x server C library (MHD 1.x, stable)

commit dbb1222de7d57f5aad9d1c78bb8305d388551040
parent 8a2da6d6a3b7ab04b3bd0506d0f245997bb49b52
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date:   Sun,  5 Jun 2022 12:26:00 +0300

gen_auth: do not allow semicolon for digest auth unless it is in a quoted string

Also forbid binary zero

Diffstat:
Msrc/microhttpd/gen_auth.c | 11+++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/microhttpd/gen_auth.c b/src/microhttpd/gen_auth.c
@@ -187,7 +187,8 @@ parse_dauth_params (const char *str,
 ('=' == str[i + aparam->tk_name->len]) ||
 (' ' == str[i + aparam->tk_name->len]) ||
 ('\t' == str[i + aparam->tk_name->len]) ||
- (',' == str[i + aparam->tk_name->len])) )
+ (',' == str[i + aparam->tk_name->len]) ||
+ (';' == str[i + aparam->tk_name->len])) )
 {
 size_t value_start;
 size_t value_len;
@@ -236,6 +237,8 @@ parse_dauth_params (const char *str,
 {
 if (0 == str[i])
 return false; /* Binary zero in parameter value */
+ if (';' == str[i])
+ return false; /* Semicolon in parameter value */
 i++;
 }
 value_len = i - value_start;
@@ -263,13 +266,17 @@ parse_dauth_params (const char *str,
 /* No matching parameter name */
 while (str_len > i && ',' != str[i])
 {
+ if ((0 == str[i]) || (';' == str[i]))
+ return false; /* Not allowed characters */
 if ('"' == str[i])
 { /* Skip quoted part */
 i++; /* Advance after the opening quote */
 while (str_len > i && '"' != str[i])
 {
+ if (0 == str[i])
+ return false; /* Binary zero is not allowed */
 if ('\\' == str[i])
- i++; /* Skip escaped char */
+ i++; /* Skip escaped char */
 i++;
 }
 if (str_len <= i)
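Review bot: The `';'` alternative added in the @@ -187 hunk carries no comment, and on its own it reads as the opposite of the commit's intent: a semicolon directly after a known parameter name now counts as the end of that name, i.e. as a name match. Presumably the point is that the parameter is then rejected by the value parsing that follows, which is outside the hunk; a one-line comment would make that explicit, e.g. `/* ';' ends the name so the malformed parameter is rejected below */`. The condition starts before the hunk, so the wording should be checked against the full expression.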
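Review bot: The two rejections in the value-scanning loop of the @@ -236 hunk are written as separate `if`s, while the @@ -263 hunk of the same commit folds the same pair of characters into one condition. Using one form in both places makes the rule for characters outside quotes easier to compare, e.g. `if ((0 == str[i]) || (';' == str[i]))` followed by `return false; /* Not allowed characters */`. The loop header is outside the hunk.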
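Review bot: The binary-zero check added to the quoted-part loop in the @@ -263 hunk does not cover the character after a backslash. `if ('\\' == str[i]) i++;` steps onto the escaped character and the following `i++` passes over it without looking at it, so a zero byte that directly follows a backslash is still accepted on this path. Bracing that branch and adding `if ((str_len > i) && (0 == str[i])) return false;` after `i++; /* Skip escaped char */` would close it. Whether the quoted-value parsing for matched parameters treats an escaped zero the same way is not visible here, and parse_dauth_params continues past the hunk's last line.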