Permalink
Browse files

Replaces a few strcasestr() calls. The World is a bit safer now.

git-svn-id: svn://cherokee-project.com/cherokee/trunk@6890 5dc97367-97f1-0310-9951-d761b3857238
  • Loading branch information...
alobbs committed Oct 7, 2011
1 parent 6aacdd3 commit c582d254f8dbd2dc123632f5facf6a901ee98cb8
Showing with 30 additions and 31 deletions.
  1. +3 −1 cherokee/connection.c
  2. +11 −18 cherokee/encoder_gzip.c
  3. +14 −12 cherokee/flcache.c
  4. +2 −0 cherokee/util.h
View
@@ -2714,7 +2714,9 @@ cherokee_connection_clean_error_headers (cherokee_connection_t *conn)
if (cherokee_buffer_is_empty (&conn->header_buffer))
return ret_ok;
- begin = strcasestr (conn->header_buffer.buf, "Content-Length: ");
+ begin = strncasestrn_s (conn->header_buffer.buf,
+ conn->header_buffer.len,
+ "Content-Length: ");
if (begin != NULL) {
end = strchr (begin+16, CHR_CR);
if (end == NULL)
View
@@ -213,35 +213,28 @@ static cherokee_boolean_t
is_user_agent_IE_16 (cherokee_connection_t *conn)
{
ret_t ret;
- char tmp;
char *m;
char *ref = NULL;
cuint_t ref_len = 0;
+ /* Get the User-Agent header
+ */
ret = cherokee_header_get_known (&conn->header, header_user_agent, &ref, &ref_len);
- if ((ret != ret_ok) || (ref == NULL) || (ref_len <= 7))
+ if ((ret != ret_ok) || (ref == NULL) || (ref_len <= 7)) {
return false;
-
- /* Set EOL boundary */
- tmp = ref[ref_len];
- ref[ref_len] = '\0';
+ }
/* MSIE [1-6] */
- m = strcasestr (ref, "MSIE ");
- if (m == NULL)
- goto not_found;
+ m = strncasestrn_s (ref, ref_len, "MSIE ");
+ if (m == NULL) {
+ return false;
+ }
- if ((m[5] >= '1') && (m[5] <= '6'))
- goto found;
+ if ((m[5] >= '1') && (m[5] <= '6')) {
+ return true;
+ }
- /* Clean up */
-not_found:
- ref[ref_len] = tmp;
return false;
-
-found:
- ref[ref_len] = tmp;
- return true;
}
View
@@ -375,6 +375,7 @@ inspect_header (cherokee_flcache_conn_t *flcache_conn,
const char *header_end;
char chr_end;
char *p, *q;
+ cint_t line_left;
cherokee_boolean_t overwrite_control;
cherokee_avl_flcache_node_t *node = flcache_conn->avl_node_ref;
cherokee_boolean_t via_found = false;
@@ -405,7 +406,7 @@ inspect_header (cherokee_flcache_conn_t *flcache_conn,
/* Regular Cache control */
value = begin + 8;
- while ((*value == ' ') && (value < end)) value++;
+ while ((CHEROKEE_CHAR_IS_WHITE(*value)) && (value < end)) value++;
node->valid_until = 0;
cherokee_dtm_str2time (value, end - value, &node->valid_until);
@@ -424,34 +425,35 @@ inspect_header (cherokee_flcache_conn_t *flcache_conn,
/* Cache-Control
*/
else if (strncasecmp (begin, "Cache-Control:", 14) == 0) {
-
/* Cache control overridden */
if (overwrite_control) {
goto remove_line;
}
/* Regular Cache control */
value = begin + 8;
- while ((*value == ' ') && (value < end)) value++;
+ while (CHEROKEE_CHAR_IS_WHITE(*value) && (value < end)) value++;
+
+ line_left = end - value;
- if (strcasestr (begin, "private") ||
- strcasestr (begin, "no-cache") ||
- strcasestr (begin, "no-store") ||
- strcasestr (begin, "must-revalidate") ||
- strcasestr (begin, "proxy-revalidate"))
+ if (strncasestrn_s (value, line_left, "private") ||
+ strncasestrn_s (value, line_left, "no-cache") ||
+ strncasestrn_s (value, line_left, "no-store") ||
+ strncasestrn_s (value, line_left, "must-revalidate") ||
+ strncasestrn_s (value, line_left, "proxy-revalidate"))
{
- TRACE (ENTRIES, "'%s' header entry forbids caching\n", begin);
+ TRACE (ENTRIES, "'%s' header entry forbids caching\n", value);
*end = chr_end;
return ret_deny;
}
- if (strcasestr (begin, "public"))
+ if (strncasestrn_s (value, line_left, "public"))
{
- TRACE (ENTRIES, "'%s' header entry allows caching\n", begin);
+ TRACE (ENTRIES, "'%s' header entry allows caching\n", value);
do_cache = true;
}
- p = strcasestr (begin, "max-age=");
+ p = strncasestrn_s (value, line_left, "max-age=");
if (p) {
p += 8;
q = p;
View
@@ -99,6 +99,8 @@ void *rpl_malloc (size_t n);
char *strncasestr (const char *s, const char *find, size_t slen);
char *strncasestrn (const char *s, size_t slen, const char *find, size_t findlen);
+#define strncasestrn_s(s,s_len,lit) strncasestrn(s, s_len, lit, sizeof(lit)-1)
+
/* Constants
*/
extern const char hex2dec_tab[256];

0 comments on commit c582d25

Please sign in to comment.