Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
M
mongoose
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
esp
mongoose
Commits
0bd43bca
Commit
0bd43bca
authored
Feb 16, 2013
by
Sergey Lyubka
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Using mg_strcasestr() instead of strstr()
parent
b809665c
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
27 additions
and
4 deletions
+27
-4
mongoose.c
mongoose.c
+17
-4
unit_test.c
test/unit_test.c
+10
-0
No files found.
mongoose.c
View file @
0bd43bca
...
@@ -694,6 +694,18 @@ static char * mg_strdup(const char *str) {
...
@@ -694,6 +694,18 @@ static char * mg_strdup(const char *str) {
return
mg_strndup
(
str
,
strlen
(
str
));
return
mg_strndup
(
str
,
strlen
(
str
));
}
}
static
const
char
*
mg_strcasestr
(
const
char
*
big
,
const
char
*
small
)
{
int
i
,
big_len
=
strlen
(
big
),
small_len
=
strlen
(
small
);
for
(
i
=
0
;
i
<=
big_len
-
small_len
;
i
++
)
{
if
(
mg_strncasecmp
(
big
+
i
,
small
,
small_len
)
==
0
)
{
return
big
+
i
;
}
}
return
NULL
;
}
// Like snprintf(), but never returns negative value, or a value
// Like snprintf(), but never returns negative value, or a value
// that is larger than a supplied buffer.
// that is larger than a supplied buffer.
// Thanks to Adam Zeldis to pointing snprintf()-caused vulnerability
// Thanks to Adam Zeldis to pointing snprintf()-caused vulnerability
...
@@ -1716,7 +1728,7 @@ int mg_get_cookie(const struct mg_connection *conn, const char *cookie_name,
...
@@ -1716,7 +1728,7 @@ int mg_get_cookie(const struct mg_connection *conn, const char *cookie_name,
end
=
s
+
strlen
(
s
);
end
=
s
+
strlen
(
s
);
dst
[
0
]
=
'\0'
;
dst
[
0
]
=
'\0'
;
for
(;
(
s
=
str
str
(
s
,
cookie_name
))
!=
NULL
;
s
+=
name_len
)
{
for
(;
(
s
=
mg_strcase
str
(
s
,
cookie_name
))
!=
NULL
;
s
+=
name_len
)
{
if
(
s
[
name_len
]
==
'='
)
{
if
(
s
[
name_len
]
==
'='
)
{
s
+=
name_len
+
1
;
s
+=
name_len
+
1
;
if
((
p
=
strchr
(
s
,
' '
))
==
NULL
)
if
((
p
=
strchr
(
s
,
' '
))
==
NULL
)
...
@@ -3839,8 +3851,8 @@ static int is_websocket_request(const struct mg_connection *conn) {
...
@@ -3839,8 +3851,8 @@ static int is_websocket_request(const struct mg_connection *conn) {
return
host
!=
NULL
&&
upgrade
!=
NULL
&&
connection
!=
NULL
&&
return
host
!=
NULL
&&
upgrade
!=
NULL
&&
connection
!=
NULL
&&
key
!=
NULL
&&
version
!=
NULL
&&
key
!=
NULL
&&
version
!=
NULL
&&
str
str
(
upgrade
,
"websocket"
)
!=
NULL
&&
mg_strcase
str
(
upgrade
,
"websocket"
)
!=
NULL
&&
str
str
(
connection
,
"Upgrade"
)
!=
NULL
;
mg_strcase
str
(
connection
,
"Upgrade"
)
!=
NULL
;
}
}
#endif // !USE_WEBSOCKET
#endif // !USE_WEBSOCKET
...
@@ -4070,7 +4082,8 @@ int mg_upload(struct mg_connection *conn, const char *destination_dir) {
...
@@ -4070,7 +4082,8 @@ int mg_upload(struct mg_connection *conn, const char *destination_dir) {
// Extract boundary string from the Content-Type header
// Extract boundary string from the Content-Type header
if
((
content_type_header
=
mg_get_header
(
conn
,
"Content-Type"
))
==
NULL
||
if
((
content_type_header
=
mg_get_header
(
conn
,
"Content-Type"
))
==
NULL
||
(
boundary_start
=
strstr
(
content_type_header
,
"boundary="
))
==
NULL
||
(
boundary_start
=
mg_strcasestr
(
content_type_header
,
"boundary="
))
==
NULL
||
(
sscanf
(
boundary_start
,
"boundary=
\"
%99[^
\"
]
\"
"
,
boundary
)
==
0
&&
(
sscanf
(
boundary_start
,
"boundary=
\"
%99[^
\"
]
\"
"
,
boundary
)
==
0
&&
sscanf
(
boundary_start
,
"boundary=%99s"
,
boundary
)
==
0
)
||
sscanf
(
boundary_start
,
"boundary=%99s"
,
boundary
)
==
0
)
||
boundary
[
0
]
==
'\0'
)
{
boundary
[
0
]
==
'\0'
)
{
...
...
test/unit_test.c
View file @
0bd43bca
...
@@ -589,7 +589,17 @@ static void test_url_decode(void) {
...
@@ -589,7 +589,17 @@ static void test_url_decode(void) {
ASSERT
(
strcmp
(
buf
,
"a "
)
==
0
);
ASSERT
(
strcmp
(
buf
,
"a "
)
==
0
);
}
}
static
void
test_mg_strcasestr
(
void
)
{
static
const
char
*
big1
=
"abcdef"
;
ASSERT
(
mg_strcasestr
(
"Y"
,
"X"
)
==
NULL
);
ASSERT
(
mg_strcasestr
(
"Y"
,
"y"
)
!=
NULL
);
ASSERT
(
mg_strcasestr
(
big1
,
"X"
)
==
NULL
);
ASSERT
(
mg_strcasestr
(
big1
,
"CD"
)
==
big1
+
2
);
ASSERT
(
mg_strcasestr
(
"aa"
,
"AAB"
)
==
NULL
);
}
int
__cdecl
main
(
void
)
{
int
__cdecl
main
(
void
)
{
test_mg_strcasestr
();
test_alloc_vprintf
();
test_alloc_vprintf
();
test_base64_encode
();
test_base64_encode
();
test_match_prefix
();
test_match_prefix
();
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment