Commit 0bd43bca authored by Sergey Lyubka's avatar Sergey Lyubka

Using mg_strcasestr() instead of strstr()

parent b809665c
...@@ -694,6 +694,18 @@ static char * mg_strdup(const char *str) { ...@@ -694,6 +694,18 @@ static char * mg_strdup(const char *str) {
return mg_strndup(str, strlen(str)); return mg_strndup(str, strlen(str));
} }
static const char *mg_strcasestr(const char *big, const char *small) {
int i, big_len = strlen(big), small_len = strlen(small);
for (i = 0; i <= big_len - small_len; i++) {
if (mg_strncasecmp(big + i, small, small_len) == 0) {
return big + i;
}
}
return NULL;
}
// Like snprintf(), but never returns negative value, or a value // Like snprintf(), but never returns negative value, or a value
// that is larger than a supplied buffer. // that is larger than a supplied buffer.
// Thanks to Adam Zeldis to pointing snprintf()-caused vulnerability // Thanks to Adam Zeldis to pointing snprintf()-caused vulnerability
...@@ -1716,7 +1728,7 @@ int mg_get_cookie(const struct mg_connection *conn, const char *cookie_name, ...@@ -1716,7 +1728,7 @@ int mg_get_cookie(const struct mg_connection *conn, const char *cookie_name,
end = s + strlen(s); end = s + strlen(s);
dst[0] = '\0'; dst[0] = '\0';
for (; (s = strstr(s, cookie_name)) != NULL; s += name_len) { for (; (s = mg_strcasestr(s, cookie_name)) != NULL; s += name_len) {
if (s[name_len] == '=') { if (s[name_len] == '=') {
s += name_len + 1; s += name_len + 1;
if ((p = strchr(s, ' ')) == NULL) if ((p = strchr(s, ' ')) == NULL)
...@@ -3839,8 +3851,8 @@ static int is_websocket_request(const struct mg_connection *conn) { ...@@ -3839,8 +3851,8 @@ static int is_websocket_request(const struct mg_connection *conn) {
return host != NULL && upgrade != NULL && connection != NULL && return host != NULL && upgrade != NULL && connection != NULL &&
key != NULL && version != NULL && key != NULL && version != NULL &&
strstr(upgrade, "websocket") != NULL && mg_strcasestr(upgrade, "websocket") != NULL &&
strstr(connection, "Upgrade") != NULL; mg_strcasestr(connection, "Upgrade") != NULL;
} }
#endif // !USE_WEBSOCKET #endif // !USE_WEBSOCKET
...@@ -4070,7 +4082,8 @@ int mg_upload(struct mg_connection *conn, const char *destination_dir) { ...@@ -4070,7 +4082,8 @@ int mg_upload(struct mg_connection *conn, const char *destination_dir) {
// Extract boundary string from the Content-Type header // Extract boundary string from the Content-Type header
if ((content_type_header = mg_get_header(conn, "Content-Type")) == NULL || if ((content_type_header = mg_get_header(conn, "Content-Type")) == NULL ||
(boundary_start = strstr(content_type_header, "boundary=")) == NULL || (boundary_start = mg_strcasestr(content_type_header,
"boundary=")) == NULL ||
(sscanf(boundary_start, "boundary=\"%99[^\"]\"", boundary) == 0 && (sscanf(boundary_start, "boundary=\"%99[^\"]\"", boundary) == 0 &&
sscanf(boundary_start, "boundary=%99s", boundary) == 0) || sscanf(boundary_start, "boundary=%99s", boundary) == 0) ||
boundary[0] == '\0') { boundary[0] == '\0') {
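Review bot: In the mg_get_cookie hunk, replacing `strstr` with `mg_strcasestr` makes the cookie-name lookup case-insensitive, but browsers treat cookie names as case-sensitive, so `SID` and `sid` are distinct cookies and a lookup for one can now return the value of the other. The search is also still a plain substring match with only the trailing `=` checked, so the case-folding widens the set of unrelated cookie names that can satisfy it. I would keep the exact-case search here, `for (; (s = strstr(s, cookie_name)) != NULL; s += name_len) {`, and leave the case-insensitive matching to the header-value checks in is_websocket_request and mg_upload. mg_get_cookie starts and ends outside the hunk, so any boundary check elsewhere in the function is not visible here.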
......
...@@ -589,7 +589,17 @@ static void test_url_decode(void) { ...@@ -589,7 +589,17 @@ static void test_url_decode(void) {
ASSERT(strcmp(buf, "a ") == 0); ASSERT(strcmp(buf, "a ") == 0);
} }
static void test_mg_strcasestr(void) {
static const char *big1 = "abcdef";
ASSERT(mg_strcasestr("Y", "X") == NULL);
ASSERT(mg_strcasestr("Y", "y") != NULL);
ASSERT(mg_strcasestr(big1, "X") == NULL);
ASSERT(mg_strcasestr(big1, "CD") == big1 + 2);
ASSERT(mg_strcasestr("aa", "AAB") == NULL);
}
int __cdecl main(void) { int __cdecl main(void) {
test_mg_strcasestr();
test_alloc_vprintf(); test_alloc_vprintf();
test_base64_encode(); test_base64_encode();
test_match_prefix(); test_match_prefix();
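Review bot: test_mg_strcasestr never exercises a match that ends at the last character of the haystack, which is the case that depends on the `<=` in the loop bound `i <= big_len - small_len`. Adding `ASSERT(mg_strcasestr(big1, "EF") == big1 + 4);` would pin that boundary, and a case with an empty needle would document what callers should expect there. main() continues past the end of the hunk.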
......