[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 117/156: examples/sessions.c: improved safety
|
From: |
gnunet |
|
Subject: |
[libmicrohttpd] 117/156: examples/sessions.c: improved safety |
|
Date: |
Sun, 28 May 2023 17:52:50 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to tag v0.9.77
in repository libmicrohttpd.
commit 47d6cbdfe808da14c3a1499c6d84408ed0ca503e
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Fri May 19 13:07:09 2023 +0300
examples/sessions.c: improved safety
---
doc/examples/sessions.c | 78 ++++++++++++++++++++++++++++++++-----------------
1 file changed, 51 insertions(+), 27 deletions(-)
diff --git a/doc/examples/sessions.c b/doc/examples/sessions.c
index 3acfd260..123d7d3f 100644
--- a/doc/examples/sessions.c
+++ b/doc/examples/sessions.c
@@ -294,13 +294,14 @@ fill_v1_form (const void *cls,
struct MHD_Connection *connection)
{
enum MHD_Result ret;
- const char *form = cls;
char *reply;
struct MHD_Response *response;
int len;
+ (void) cls; /* Unused parameter */
+
/* Emulate 'asprintf' */
- len = snprintf(NULL, 0, form, session->value_1);
+ len = snprintf (NULL, 0, MAIN_PAGE, session->value_1);
if (0 > len)
return MHD_NO; /* Internal error */
@@ -309,22 +310,33 @@ fill_v1_form (const void *cls,
return MHD_NO; /* Out-of-memory error */
if (len != snprintf (reply,
- form,
+ ((size_t) len) + 1,
+ MAIN_PAGE,
session->value_1))
+ {
+ free (reply);
return MHD_NO; /* printf error */
+ }
- /* return static form */
response = MHD_create_response_from_buffer (strlen (reply),
(void *) reply,
MHD_RESPMEM_MUST_FREE);
- add_session_cookie (session, response);
- MHD_add_response_header (response,
- MHD_HTTP_HEADER_CONTENT_ENCODING,
- mime);
- ret = MHD_queue_response (connection,
- MHD_HTTP_OK,
- response);
- MHD_destroy_response (response);
+ if (NULL != response)
+ {
+ add_session_cookie (session, response);
+ MHD_add_response_header (response,
+ MHD_HTTP_HEADER_CONTENT_ENCODING,
+ mime);
+ ret = MHD_queue_response (connection,
+ MHD_HTTP_OK,
+ response);
+ MHD_destroy_response (response);
+ }
+ else
+ {
+ free (reply);
+ ret = MHD_NO;
+ }
return ret;
}
@@ -344,13 +356,14 @@ fill_v1_v2_form (const void *cls,
struct MHD_Connection *connection)
{
enum MHD_Result ret;
- const char *form = cls;
char *reply;
struct MHD_Response *response;
int len;
+ (void) cls; /* Unused parameter */
+
/* Emulate 'asprintf' */
- len = snprintf(NULL, 0, form, session->value_1, session->value_2);
+ len = snprintf (NULL, 0, SECOND_PAGE, session->value_1, session->value_2);
if (0 > len)
return MHD_NO; /* Internal error */
@@ -358,24 +371,35 @@ fill_v1_v2_form (const void *cls,
if (NULL == reply)
return MHD_NO; /* Out-of-memory error */
- if (len != snprintf (reply,
- form,
+ if (len == snprintf (reply,
+ ((size_t) len) + 1,
+ SECOND_PAGE,
session->value_1,
session->value_2))
+ {
+ free (reply);
return MHD_NO; /* printf error */
+ }
- /* return static form */
response = MHD_create_response_from_buffer (strlen (reply),
(void *) reply,
MHD_RESPMEM_MUST_FREE);
- add_session_cookie (session, response);
- MHD_add_response_header (response,
- MHD_HTTP_HEADER_CONTENT_ENCODING,
- mime);
- ret = MHD_queue_response (connection,
- MHD_HTTP_OK,
- response);
- MHD_destroy_response (response);
+ if (NULL != response)
+ {
+ add_session_cookie (session, response);
+ MHD_add_response_header (response,
+ MHD_HTTP_HEADER_CONTENT_ENCODING,
+ mime);
+ ret = MHD_queue_response (connection,
+ MHD_HTTP_OK,
+ response);
+ MHD_destroy_response (response);
+ }
+ else
+ {
+ free (reply);
+ ret = MHD_NO;
+ }
return ret;
}
@@ -418,8 +442,8 @@ not_found_page (const void *cls,
* List of all pages served by this HTTP server.
*/
static const struct Page pages[] = {
- { "/", "text/html", &fill_v1_form, MAIN_PAGE },
- { "/2", "text/html", &fill_v1_v2_form, SECOND_PAGE },
+ { "/", "text/html", &fill_v1_form, NULL },
+ { "/2", "text/html", &fill_v1_v2_form, NULL },
{ "/S", "text/html", &serve_simple_form, SUBMIT_PAGE },
{ "/F", "text/html", &serve_simple_form, LAST_PAGE },
{ NULL, NULL, ¬_found_page, NULL } /* 404 */
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] 85/156: Fixed many macros, (continued)
- [libmicrohttpd] 85/156: Fixed many macros, gnunet, 2023/05/28
- [libmicrohttpd] 79/156: Updated libtool fixes, gnunet, 2023/05/28
- [libmicrohttpd] 90/156: autoinit_funcs.h: unified English spelling (prefer GB over US), gnunet, 2023/05/28
- [libmicrohttpd] 94/156: test_postform: updated to support the new libcurl API, gnunet, 2023/05/28
- [libmicrohttpd] 96/156: autoinit_funcs.h: fixed compiler warning, gnunet, 2023/05/28
- [libmicrohttpd] 70/156: Upgraded TLS: fixed inefficient communication, gnunet, 2023/05/28
- [libmicrohttpd] 74/156: connection.c: fixed processing of folded headers, gnunet, 2023/05/28
- [libmicrohttpd] 81/156: contrib/make-dist.sh: added new helper script, gnunet, 2023/05/28
- [libmicrohttpd] 99/156: configure: fixed compiler warnings, gnunet, 2023/05/28
- [libmicrohttpd] 106/156: test_postprocessor_md: fixed build in C89 mode, gnunet, 2023/05/28
- [libmicrohttpd] 117/156: examples/sessions.c: improved safety,
gnunet <=
- [libmicrohttpd] 82/156: Updated POTFILES.in, gnunet, 2023/05/28
- [libmicrohttpd] 76/156: Added test with folded header placed last, gnunet, 2023/05/28
- [libmicrohttpd] 107/156: test_client_put_stop: fixed test on Darwin, gnunet, 2023/05/28
- [libmicrohttpd] 103/156: configure: renamed macro, gnunet, 2023/05/28
- [libmicrohttpd] 112/156: Added specific headers detection and include, gnunet, 2023/05/28
- [libmicrohttpd] 69/156: microhttpd.h: fixed typo in doxy, gnunet, 2023/05/28
- [libmicrohttpd] 66/156: configure: improved compatibility with POSIX, gnunet, 2023/05/28
- [libmicrohttpd] 67/156: configure: cosmetics: deleted extra spaces, gnunet, 2023/05/28
- [libmicrohttpd] 71/156: Fixed initialisation of old GnuTLS versions, gnunet, 2023/05/28
- [libmicrohttpd] 77/156: Added test with large folded header, gnunet, 2023/05/28