diff options
author | Jan Pazdziora <jpazdziora@redhat.com> | 2022-01-30 13:34:13 +0100 |
---|---|---|
committer | Jan Pazdziora <jpazdziora@redhat.com> | 2022-01-30 14:42:16 +0100 |
commit | 9e34613fc3ebaee5d6b11a3be201cfe9ed479c29 (patch) | |
tree | 8f038d3f7596aee4069509b22c74b26a385230cc /mod_intercept_form_submit.c | |
parent | 6b8e9f444e02e2face1e606149cddce843ef2fa0 (diff) | |
download | mod_intercept_form_submit-9e34613fc3ebaee5d6b11a3be201cfe9ed479c29.tar.gz mod_intercept_form_submit-9e34613fc3ebaee5d6b11a3be201cfe9ed479c29.tar.xz mod_intercept_form_submit-9e34613fc3ebaee5d6b11a3be201cfe9ed479c29.zip |
Use the httpd-provided ap_unescape_urlencoded to parse data.
Diffstat (limited to 'mod_intercept_form_submit.c')
-rw-r--r-- | mod_intercept_form_submit.c | 53 |
1 files changed, 5 insertions, 48 deletions
diff --git a/mod_intercept_form_submit.c b/mod_intercept_form_submit.c index 24b2e8e..c03a061 100644 --- a/mod_intercept_form_submit.c +++ b/mod_intercept_form_submit.c @@ -96,59 +96,16 @@ static void register_pam_authenticate_with_login_password_fn(void) { pam_authenticate_with_login_password_fn = APR_RETRIEVE_OPTIONAL_FN(pam_authenticate_with_login_password); } -static int hex2char(int c) { - if (c >= '0' && c <= '9') - return c - '0'; - if (c >= 'a' && c <= 'z') - return c - 'a' + 10; - if (c >= 'A' && c <= 'Z') - return c - 'A' + 10; - return -1; -} - static char * intercept_form_submit_process_keyval(apr_pool_t * pool, const char * name, const char * key, int key_len, const char * val, int val_len) { if (val_len == 0) return NULL; - int i; - for (i = 0; i < key_len; i++, name++) { - if (*name == '\0') - return NULL; - int c = key[i]; - if (c == '+') - c = ' '; - else if (c == '%') { - if (i > key_len - 3) - return NULL; - int m = hex2char(key[++i]); - int n = hex2char(key[++i]); - if (m < 0 || n < 0) - return NULL; - c = (m << 4) + n; - } - if (c != *name) - return NULL; - } - if (*name != '\0') + char * x_key = apr_pstrndup(pool, key, key_len); + ap_unescape_urlencoded(x_key); + if (strcmp(name, x_key)) return NULL; - char * ret = apr_palloc(pool, val_len + 1); - char * p = ret; - for (i = 0; i < val_len; i++, p++) { - if (val[i] == '+') - *p = ' '; - else if (val[i] == '%') { - if (i > val_len - 3) - return NULL; - int m = hex2char(val[++i]); - int n = hex2char(val[++i]); - if (m < 0 || n < 0) - return NULL; - *p = (m << 4) + n; - } else { - *p = val[i]; - } - } - *p = '\0'; + char * ret = apr_pstrndup(pool, val, val_len); + ap_unescape_urlencoded(ret); return ret; } |