Diffstat (limited to 'src/microhttpd/gen_auth.c')
-rw-r--r-- | src/microhttpd/gen_auth.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/microhttpd/gen_auth.c b/src/microhttpd/gen_auth.c index 2cab478b..e13d5578 100644 --- a/src/microhttpd/gen_auth.c +++ b/src/microhttpd/gen_auth.c | |||
@@ -187,7 +187,8 @@ parse_dauth_params (const char *str, | |||
187 | ('=' == str[i + aparam->tk_name->len]) || | 187 | ('=' == str[i + aparam->tk_name->len]) || |
188 | (' ' == str[i + aparam->tk_name->len]) || | 188 | (' ' == str[i + aparam->tk_name->len]) || |
189 | ('\t' == str[i + aparam->tk_name->len]) || | 189 | ('\t' == str[i + aparam->tk_name->len]) || |
190 | (',' == str[i + aparam->tk_name->len])) ) | 190 | (',' == str[i + aparam->tk_name->len]) || |
191 | (';' == str[i + aparam->tk_name->len])) ) | ||
191 | { | 192 | { |
192 | size_t value_start; | 193 | size_t value_start; |
193 | size_t value_len; | 194 | size_t value_len; |
@@ -236,6 +237,8 @@ parse_dauth_params (const char *str, | |||
236 | { | 237 | { |
237 | if (0 == str[i]) | 238 | if (0 == str[i]) |
238 | return false; /* Binary zero in parameter value */ | 239 | return false; /* Binary zero in parameter value */ |
240 | if (';' == str[i]) | ||
241 | return false; /* Semicolon in parameter value */ | ||
239 | i++; | 242 | i++; |
240 | } | 243 | } |
241 | value_len = i - value_start; | 244 | value_len = i - value_start; |
@@ -263,13 +266,17 @@ parse_dauth_params (const char *str, | |||
263 | /* No matching parameter name */ | 266 | /* No matching parameter name */ |
264 | while (str_len > i && ',' != str[i]) | 267 | while (str_len > i && ',' != str[i]) |
265 | { | 268 | { |
269 | if ((0 == str[i]) || (';' == str[i])) | ||
270 | return false; /* Not allowed characters */ | ||
266 | if ('"' == str[i]) | 271 | if ('"' == str[i]) |
267 | { /* Skip quoted part */ | 272 | { /* Skip quoted part */ |
268 | i++; /* Advance after the opening quote */ | 273 | i++; /* Advance after the opening quote */ |
269 | while (str_len > i && '"' != str[i]) | 274 | while (str_len > i && '"' != str[i]) |
270 | { | 275 | { |
276 | if (0 == str[i]) | ||
277 | return false; /* Binary zero is not allowed */ | ||
271 | if ('\\' == str[i]) | 278 | if ('\\' == str[i]) |
272 | i++; /* Skip escaped char */ | 279 | i++; /* Skip escaped char */ |
273 | i++; | 280 | i++; |
274 | } | 281 | } |
275 | if (str_len <= i) | 282 | if (str_len <= i) |
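Review bot: In the quoted-part skip loop of the "No matching parameter name" branch (new lines 274-281), the added `0 == str[i]` test only covers the byte at the cursor; the backslash branch right below it still steps over the following byte unchecked, so a backslash followed by a binary zero is skipped instead of rejected. Putting braces around the escape branch and adding `if ((str_len > i) && (0 == str[i])) return false; /* Binary zero is not allowed */` after its `i++` would close that gap. The quoted-value scan for matched parameters is not visible in these hunks and may need the same check. parse_dauth_params starts before and continues after the lines shown here.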