Skip to content

Commit 471c483

Browse files
gizmocuzgizmocuz
committed
safety checks around webserver actions
1 parent 970255e commit 471c483

File tree

1 file changed

+70
-8
lines changed

1 file changed

+70
-8
lines changed

webserver/cWebem.cpp

Lines changed: 70 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -253,14 +253,32 @@ void cWebem::Include( std::string& reply )
253253
std::map < std::string, webem_include_function >::iterator pf = myIncludes.find( code );
254254
if( pf != myIncludes.end() ) {
255255
// insert generated text
256-
reply.insert( p, pf->second() );
256+
std::string ret;
257+
try
258+
{
259+
ret = pf->second();
260+
}
261+
catch (...)
262+
{
263+
264+
}
265+
reply.insert( p, ret );
257266
} else {
258267
// no function found, look for a wide character fuction
259268
std::map < std::string, webem_include_function_w >::iterator pf = myIncludes_w.find( code );
260269
if( pf != myIncludes_w.end() ) {
261270
// function found
262271
// get return string and convert from UTF-16 to UTF-8
263-
cUTF utf( pf->second() );
272+
std::wstring wret;
273+
try
274+
{
275+
wret = pf->second();
276+
}
277+
catch (...)
278+
{
279+
280+
}
281+
cUTF utf( wret.c_str() );
264282
// insert generated text
265283
reply.insert( p, utf.get8() );
266284
}
@@ -421,7 +439,16 @@ bool cWebem::CheckForAction( request& req )
421439
if (myNameValues.empty())
422440
return true;
423441
// call the function
424-
req.uri = pfun->second(this);
442+
std::string ret;
443+
try
444+
{
445+
ret = pfun->second(this);
446+
}
447+
catch (...)
448+
{
449+
450+
}
451+
req.uri = ret;
425452
return true;
426453
}
427454
}
@@ -462,7 +489,16 @@ bool cWebem::CheckForAction( request& req )
462489
}
463490

464491
// call the function
465-
req.uri = pfun->second( this );
492+
std::string ret;
493+
try
494+
{
495+
ret = pfun->second(this);
496+
}
497+
catch (...)
498+
{
499+
500+
}
501+
req.uri = ret;
466502

467503
return true;
468504
}
@@ -661,7 +697,15 @@ bool cWebem::CheckForPageOverride(const request& req, reply& rep)
661697
{
662698
m_outputfilename="";
663699
rep.status = reply::ok;
664-
std::string retstr=pfun->second( );
700+
std::string retstr;
701+
try
702+
{
703+
retstr = pfun->second();
704+
}
705+
catch (...)
706+
{
707+
708+
}
665709

666710
rep.content.append(retstr.c_str(), retstr.size());
667711

@@ -737,7 +781,16 @@ bool cWebem::CheckForPageOverride(const request& req, reply& rep)
737781
if (pfunW==myPages_w.end())
738782
return false;
739783

740-
cUTF utf( pfunW->second( ) );
784+
std::wstring wret;
785+
try
786+
{
787+
wret = pfunW->second();
788+
}
789+
catch (...)
790+
{
791+
792+
}
793+
cUTF utf( wret.c_str() );
741794

742795
int extraheaders = 0;
743796
if (req.keep_alive) {
@@ -899,8 +952,17 @@ std::string& cWebem::FindValue( const char* name )
899952
static std::string ret;
900953
ret = "";
901954
webem_iter_name_value iter = myNameValues.find( name );
902-
if( iter != myNameValues.end() )
903-
ret = iter->second;
955+
if (iter != myNameValues.end())
956+
{
957+
try
958+
{
959+
ret = iter->second;
960+
}
961+
catch (...)
962+
{
963+
964+
}
965+
}
904966

905967
return ret;
906968
}

0 commit comments

Comments
 (0)