Replaces a few strcasestr() calls. The World is a bit safer now.

git-svn-id: svn://cherokee-project.com/cherokee/trunk@6890 5dc97367-97f1-0310-9951-d761b3857238
Daniel15 · Oct 7, 2011 · c582d25 · c582d25
1 parent 6aacdd3
commit c582d25
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 31 deletions.
diff --git a/cherokee/connection.c b/cherokee/connection.c
@@ -2714,7 +2714,9 @@ cherokee_connection_clean_error_headers (cherokee_connection_t *conn)
 	if (cherokee_buffer_is_empty (&conn->header_buffer))
 		return ret_ok;
 
-	begin = strcasestr (conn->header_buffer.buf, "Content-Length: ");
+	begin = strncasestrn_s (conn->header_buffer.buf,
+				conn->header_buffer.len,
+				"Content-Length: ");
 	if (begin != NULL) {
 		end = strchr (begin+16, CHR_CR);
 		if (end == NULL)

diff --git a/cherokee/encoder_gzip.c b/cherokee/encoder_gzip.c
@@ -213,35 +213,28 @@ static cherokee_boolean_t
 is_user_agent_IE_16 (cherokee_connection_t *conn)
 {
 	ret_t     ret;
-	char      tmp;
 	char     *m;
 	char     *ref     = NULL;
 	cuint_t   ref_len = 0;
 
+	/* Get the User-Agent header
+	 */
 	ret = cherokee_header_get_known (&conn->header, header_user_agent, &ref, &ref_len);
-	if ((ret != ret_ok) || (ref == NULL) || (ref_len <= 7))
+	if ((ret != ret_ok) || (ref == NULL) || (ref_len <= 7)) {
 		return false;
-
-	/* Set EOL boundary */
-	tmp = ref[ref_len];
-	ref[ref_len] = '\0';
+	}
 
 	/* MSIE [1-6] */
-	m = strcasestr (ref, "MSIE ");
-	if (m == NULL)
-		goto not_found;
+	m = strncasestrn_s (ref, ref_len, "MSIE ");
+	if (m == NULL) {
+		return false;
+	}
 
-	if ((m[5] >= '1') && (m[5] <= '6'))
-		goto found;
+	if ((m[5] >= '1') && (m[5] <= '6')) {
+		return true;
+	}
 
-	/* Clean up */
-not_found:
-	ref[ref_len] = tmp;
 	return false;
-
-found:
-	ref[ref_len] = tmp;
-	return true;
 }
 
 

diff --git a/cherokee/flcache.c b/cherokee/flcache.c
@@ -375,6 +375,7 @@ inspect_header (cherokee_flcache_conn_t *flcache_conn,
 	const char                  *header_end;
 	char                         chr_end;
 	char                        *p, *q;
+	cint_t                       line_left;
 	cherokee_boolean_t           overwrite_control;
 	cherokee_avl_flcache_node_t *node               = flcache_conn->avl_node_ref;
 	cherokee_boolean_t           via_found          = false;
@@ -405,7 +406,7 @@ inspect_header (cherokee_flcache_conn_t *flcache_conn,
 
 			/* Regular Cache control */
 			value = begin + 8;
-			while ((*value == ' ') && (value < end)) value++;
+			while ((CHEROKEE_CHAR_IS_WHITE(*value)) && (value < end)) value++;
 
  			node->valid_until = 0;
 			cherokee_dtm_str2time (value, end - value, &node->valid_until);
@@ -424,34 +425,35 @@ inspect_header (cherokee_flcache_conn_t *flcache_conn,
 		/* Cache-Control
 		 */
 		else if (strncasecmp (begin, "Cache-Control:", 14) == 0) {
-
 			/* Cache control overridden */
 			if (overwrite_control) {
 				goto remove_line;
 			}
 
 			/* Regular Cache control */
 			value = begin + 8;
-			while ((*value == ' ') && (value < end)) value++;
+			while (CHEROKEE_CHAR_IS_WHITE(*value) && (value < end)) value++;
+
+			line_left = end - value;
 
-			if (strcasestr (begin, "private") ||
-			    strcasestr (begin, "no-cache") ||
-			    strcasestr (begin, "no-store") ||
-			    strcasestr (begin, "must-revalidate") ||
-			    strcasestr (begin, "proxy-revalidate"))
+			if (strncasestrn_s (value, line_left, "private") ||
+			    strncasestrn_s (value, line_left, "no-cache") ||
+			    strncasestrn_s (value, line_left, "no-store") ||
+			    strncasestrn_s (value, line_left, "must-revalidate") ||
+			    strncasestrn_s (value, line_left, "proxy-revalidate"))
 			{
-				TRACE (ENTRIES, "'%s' header entry forbids caching\n", begin);
+				TRACE (ENTRIES, "'%s' header entry forbids caching\n", value);
 				*end = chr_end;
 				return ret_deny;
 			}
 
-			if (strcasestr (begin, "public"))
+			if (strncasestrn_s (value, line_left, "public"))
 			{
-				TRACE (ENTRIES, "'%s' header entry allows caching\n", begin);
+				TRACE (ENTRIES, "'%s' header entry allows caching\n", value);
 				do_cache = true;
 			}
 
-			p = strcasestr (begin, "max-age=");
+			p = strncasestrn_s (value, line_left, "max-age=");
 			if (p) {
 				p += 8;
 				q  = p;

diff --git a/cherokee/util.h b/cherokee/util.h
@@ -99,6 +99,8 @@ void *rpl_malloc (size_t n);
 char *strncasestr  (const char *s, const char *find, size_t slen);
 char *strncasestrn (const char *s, size_t slen, const char *find, size_t findlen);
 
+#define strncasestrn_s(s,s_len,lit) strncasestrn(s, s_len, lit, sizeof(lit)-1)
+
 /* Constants
  */
 extern const char hex2dec_tab[256];