Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

fixed termination symbols in query params

  • Loading branch information...
commit 5bed78249b4f670794e45df2823a073281b55717 1 parent 5eba4cc
@lmovsesjan authored
Showing with 42 additions and 30 deletions.
  1. +6 −0 debian/changelog
  2. +36 −30 library/requestimpl.cpp
View
6 debian/changelog
@@ -1,3 +1,9 @@
+fastcgi-daemon2 (2.10-15) unstable; urgency=low
+
+ * fixed termination symbols in query params
+
+ -- Leonid A. Movsesjan <lmovsesjan@yandex-team.ru> Thu, 06 Dec 2012 17:37:15 +0400
+
fastcgi-daemon2 (2.10-14) unstable; urgency=low
* Write PID file before initializing globals.
View
66 library/requestimpl.cpp
@@ -749,24 +749,24 @@ RequestImpl::parseCookies(DataBuffer buffer, boost::uint64_t pos) {
boost::uint64_t
RequestImpl::parseVars(DataBuffer buffer, boost::uint64_t pos) {
- boost::uint64_t field_size = 0;
- pos = parseInt(buffer, pos, field_size);
- boost::uint64_t pos_end = pos + field_size;
- if (pos_end > buffer.size()) {
- throw std::runtime_error("Cannot parse request vars");
- }
- while (pos < pos_end) {
+ boost::uint64_t field_size = 0;
+ pos = parseInt(buffer, pos, field_size);
+ boost::uint64_t pos_end = pos + field_size;
+ if (pos_end > buffer.size()) {
+ throw std::runtime_error("Cannot parse request vars");
+ }
+ while (pos < pos_end) {
std::string name, value;
pos = parseString(buffer, pos, name);
pos = parseString(buffer, pos, value);
vars_.insert(std::make_pair(name, value));
- }
- return pos;
+ }
+ return pos;
}
boost::uint64_t
RequestImpl::parseBody(DataBuffer buffer, boost::uint64_t pos) {
- boost::uint64_t field_size = 0;
+ boost::uint64_t field_size = 0;
pos = parseInt(buffer, pos, field_size);
boost::uint64_t pos_end = pos + field_size;
if (pos_end > buffer.size()) {
@@ -778,13 +778,13 @@ RequestImpl::parseBody(DataBuffer buffer, boost::uint64_t pos) {
boost::uint64_t
RequestImpl::parseFiles(DataBuffer buffer, boost::uint64_t pos) {
- boost::uint64_t field_size = 0;
+ boost::uint64_t field_size = 0;
pos = parseInt(buffer, pos, field_size);
boost::uint64_t pos_end = pos + field_size;
- if (pos_end > buffer.size()) {
- throw std::runtime_error("Cannot parse request files");
- }
- while (pos < pos_end) {
+ if (pos_end > buffer.size()) {
+ throw std::runtime_error("Cannot parse request files");
+ }
+ while (pos < pos_end) {
std::string name, remote_name, type;
pos = parseString(buffer, pos, name);
pos = parseString(buffer, pos, remote_name);
@@ -796,35 +796,41 @@ RequestImpl::parseFiles(DataBuffer buffer, boost::uint64_t pos) {
DataBuffer file_buffer = DataBuffer(body_, offset + body_.beginIndex(),
offset + length + body_.beginIndex());
files_.insert(std::make_pair(name, File(remote_name, type, file_buffer)));
- }
- return pos;
+ }
+ return pos;
}
boost::uint64_t
RequestImpl::parseArgs(DataBuffer buffer, boost::uint64_t pos) {
- boost::uint64_t field_size = 0;
+ boost::uint64_t field_size = 0;
pos = parseInt(buffer, pos, field_size);
boost::uint64_t pos_end = pos + field_size;
- if (pos_end > buffer.size()) {
- throw std::runtime_error("Cannot parse request args");
- }
- while (pos < pos_end) {
+ if (pos_end > buffer.size()) {
+ throw std::runtime_error("Cannot parse request args");
+ }
+ while (pos < pos_end) {
std::string name, value;
pos = parseString(buffer, pos, name);
pos = parseString(buffer, pos, value);
+
+ if (std::string::npos != value.find('\r') || std::string::npos != value.find('\n') ||
+ std::string::npos != value.find('\n')) {
@avm
avm added a note

Зачем дважды искать в строке \n? Проще было бы написать value.find_first_of("\n\r").

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
+ value = StringUtils::urlencode(Range::fromString(value));
+ }
+
args_.push_back(std::make_pair(name, value));
- }
- return pos;
+ }
+ return pos;
}
void
RequestImpl::parse(DataBuffer buffer) {
- boost::uint64_t pos = parseHeaders(buffer, 0);
- pos = parseCookies(buffer, pos);
- pos = parseVars(buffer, pos);
- pos = parseBody(buffer, pos);
- pos = parseFiles(buffer, pos);
- pos = parseArgs(buffer, pos);
+ boost::uint64_t pos = parseHeaders(buffer, 0);
+ pos = parseCookies(buffer, pos);
+ pos = parseVars(buffer, pos);
+ pos = parseBody(buffer, pos);
+ pos = parseFiles(buffer, pos);
+ pos = parseArgs(buffer, pos);
}
void
Please sign in to comment.
Something went wrong with that request. Please try again.