[GNUnet-SVN] r34310 - in libmicrohttpd: . src/microhttpd

gnunet-svn
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r34310 - in libmicrohttpd: . src/microhttpd

From:	gnunet
Subject:	[GNUnet-SVN] r34310 - in libmicrohttpd: . src/microhttpd
Date:	Mon, 29 Sep 2014 22:35:58 +0200
Author: grothoff
Date: 2014-09-29 22:35:58 +0200 (Mon, 29 Sep 2014)
New Revision: 34310

Modified:
   libmicrohttpd/ChangeLog
   libmicrohttpd/src/microhttpd/connection.c
   libmicrohttpd/src/microhttpd/internal.c
   libmicrohttpd/src/microhttpd/internal.h
   libmicrohttpd/src/microhttpd/postprocessor.c
Log:
fix '+' unescape logic for URI-encoded POST data

Modified: libmicrohttpd/ChangeLog
===================================================================
--- libmicrohttpd/ChangeLog     2014-09-25 17:47:18 UTC (rev 34309)
+++ libmicrohttpd/ChangeLog     2014-09-29 20:35:58 UTC (rev 34310)
@@ -1,3 +1,6 @@
+Mon Sep 29 22:25:34 CEST 2014
+       Properly decode '+' in URL-encoded POST data. -CG/KM
+
 Fri Sep 12 17:32:09 CEST 2014
        Fix --disable-dauth configure option (#3543). -doostee
 

Modified: libmicrohttpd/src/microhttpd/connection.c
===================================================================
--- libmicrohttpd/src/microhttpd/connection.c   2014-09-25 17:47:18 UTC (rev 
34309)
+++ libmicrohttpd/src/microhttpd/connection.c   2014-09-29 20:35:58 UTC (rev 
34310)
@@ -149,21 +149,6 @@
 
 
 /**
- * Convert all occurences of '+' to ' '.
- *
- * @param arg string that is modified
- */
-static void
-escape_plus (char *arg)
-{
-  char *p;
-
-  for (p=strchr (arg, '+'); NULL != p; p = strchr (p + 1, '+'))
-    *p = ' ';
-}
-
-
-/**
  * This function can be used to add an entry to the HTTP headers of a
  * connection (so that the #MHD_get_connection_values function will
  * return them -- and the `struct MHD_PostProcessor` will also see
@@ -1230,7 +1215,7 @@
          if (NULL == equals)
            {
              /* got 'foo', add key 'foo' with NULL for value */
-              escape_plus (args);
+              MHD_unescape_plus (args);
              connection->daemon->unescape_callback 
(connection->daemon->unescape_callback_cls,
                                                     connection,
                                                     args);
@@ -1242,11 +1227,11 @@
          /* got 'foo=bar' */
          equals[0] = '\0';
          equals++;
-          escape_plus (args);
+          MHD_unescape_plus (args);
          connection->daemon->unescape_callback 
(connection->daemon->unescape_callback_cls,
                                                 connection,
                                                 args);
-          escape_plus (equals);
+          MHD_unescape_plus (equals);
          connection->daemon->unescape_callback 
(connection->daemon->unescape_callback_cls,
                                                 connection,
                                                 equals);
@@ -1259,7 +1244,7 @@
           (equals >= amper) )
        {
          /* got 'foo&bar' or 'foo&bar=val', add key 'foo' with NULL for value 
*/
-          escape_plus (args);
+          MHD_unescape_plus (args);
          connection->daemon->unescape_callback 
(connection->daemon->unescape_callback_cls,
                                                 connection,
                                                 args);
@@ -1278,11 +1263,11 @@
         so we got regular 'foo=value&bar...'-kind of argument */
       equals[0] = '\0';
       equals++;
-      escape_plus (args);
+      MHD_unescape_plus (args);
       connection->daemon->unescape_callback 
(connection->daemon->unescape_callback_cls,
                                             connection,
                                             args);
-      escape_plus (equals);
+      MHD_unescape_plus (equals);
       connection->daemon->unescape_callback 
(connection->daemon->unescape_callback_cls,
                                             connection,
                                             equals);

Modified: libmicrohttpd/src/microhttpd/internal.c
===================================================================
--- libmicrohttpd/src/microhttpd/internal.c     2014-09-25 17:47:18 UTC (rev 
34309)
+++ libmicrohttpd/src/microhttpd/internal.c     2014-09-29 20:35:58 UTC (rev 
34310)
@@ -105,6 +105,21 @@
 
 
 /**
+ * Convert all occurences of '+' to ' '.
+ *
+ * @param arg string that is modified (in place), must be 0-terminated
+ */
+void
+MHD_unescape_plus (char *arg)
+{
+  char *p;
+
+  for (p=strchr (arg, '+'); NULL != p; p = strchr (p + 1, '+'))
+    *p = ' ';
+}
+
+
+/**
  * Process escape sequences ('%HH') Updates val in place; the
  * result should be UTF-8 encoded and cannot be larger than the input.
  * The result must also still be 0-terminated.

Modified: libmicrohttpd/src/microhttpd/internal.h
===================================================================
--- libmicrohttpd/src/microhttpd/internal.h     2014-09-25 17:47:18 UTC (rev 
34309)
+++ libmicrohttpd/src/microhttpd/internal.h     2014-09-29 20:35:58 UTC (rev 
34310)
@@ -726,7 +726,7 @@
   int client_aware;
 
   /**
-   * Socket for this connection.  Set to MHD_INVALID_SOCKET if
+   * Socket for this connection.  Set to #MHD_INVALID_SOCKET if
    * this connection has died (daemon should clean
    * up in that case).
    */
@@ -741,7 +741,7 @@
   int read_closed;
 
   /**
-   * Set to MHD_YES if the thread has been joined.
+   * Set to #MHD_YES if the thread has been joined.
    */
   int thread_joined;
 
@@ -878,7 +878,7 @@
 
 /**
  * Signature of function called to unescape URIs.  See also
- * MHD_http_unescape.
+ * #MHD_http_unescape().
  *
  * @param cls closure
  * @param conn connection handle
@@ -1017,7 +1017,7 @@
   LogCallback uri_log_callback;
 
   /**
-   * Closure argument to uri_log_callback.
+   * Closure argument to @e uri_log_callback.
    */
   void *uri_log_callback_cls;
 
@@ -1027,7 +1027,7 @@
   UnescapeCallback unescape_callback;
 
   /**
-   * Closure for unescape callback.
+   * Closure for @e unescape_callback.
    */
   void *unescape_callback_cls;
 
@@ -1398,7 +1398,7 @@
 
 
 /**
- * Equivalent to time(NULL) but tries to use some sort of monotonic
+ * Equivalent to `time(NULL)` but tries to use some sort of monotonic
  * clock that isn't affected by someone setting the system real time
  * clock.
  *
@@ -1407,4 +1407,14 @@
 time_t
 MHD_monotonic_time(void);
 
+
+/**
+ * Convert all occurences of '+' to ' '.
+ *
+ * @param arg string that is modified (in place), must be 0-terminated
+ */
+void
+MHD_escape_plus (char *arg);
+
+
 #endif

Modified: libmicrohttpd/src/microhttpd/postprocessor.c
===================================================================
--- libmicrohttpd/src/microhttpd/postprocessor.c        2014-09-25 17:47:18 UTC 
(rev 34309)
+++ libmicrohttpd/src/microhttpd/postprocessor.c        2014-09-29 20:35:58 UTC 
(rev 34310)
@@ -381,6 +381,7 @@
             return MHD_YES;     /* no '=' yet */
           buf[pp->buffer_pos] = '\0';   /* 0-terminate key */
           pp->buffer_pos = 0;   /* reset for next key */
+         MHD_unescape_plus (buf);
           MHD_http_unescape (NULL, NULL, buf);
           poff += equals + 1;
           pp->state = PP_ProcessValue;
@@ -441,6 +442,7 @@
 
           /* unescape */
           xbuf[xoff] = '\0';    /* 0-terminate in preparation */
+         MHD_unescape_plus (xbuf);
           xoff = MHD_http_unescape (NULL, NULL, xbuf);
           /* finally: call application! */
          pp->must_ikvi = MHD_NO;
[Prev in Thread]
Current Thread
[Next in Thread]
[GNUnet-SVN] r34310 - in libmicrohttpd: . src/microhttpd, gnunet <=
Prev by Date: [GNUnet-SVN] r34311 - libmicrohttpd/src/include
Next by Date: [GNUnet-SVN] r34312 - gnunet-www/GNUnet/logos
Previous by thread: [GNUnet-SVN] r34311 - libmicrohttpd/src/include
Next by thread: [GNUnet-SVN] r34312 - gnunet-www/GNUnet/logos
Index(es):
- Date
- Thread