Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
lib-http: harden payload tests against dodgy filenames
Tests use files from readdir() as input, but do no sanitation of the names, and therefore things like editor temp files can cause havoc with the HTTP request parser. The solution is to trap dodgy characters in the filenames, and ignore those files. Initially, trap HTTP's "unsafe" and "reserved" characters. Signed-off-by: Phil Carmody <phil@dovecot.fi>
- Loading branch information