libweb: Bump new signature for http_decode_url
The new signature allows callers to distinguish decoding errors from fatal errors. This is important for slcl to avoid crashing when ill-formed data is received from a client.
This commit is contained in:
parent
fada861c5f
commit
8dff21942e
2
libweb
2
libweb
|
@ -1 +1 @@
|
|||
Subproject commit dbdaac757fb9217e4b28afc05f1fe523f68d64d3
|
||||
Subproject commit 9e1779eacdbe4f56177efb258f543e8baa9efc4e
|
47
main.c
47
main.c
|
@ -135,7 +135,8 @@ static int append_form(struct form **const forms, const char **const s,
|
|||
{
|
||||
int ret = -1;
|
||||
const char *end;
|
||||
char *const data = alloc_form_data(*s, &end), *key = NULL, *value = NULL;
|
||||
char *const data = alloc_form_data(*s, &end), *enckey = NULL,
|
||||
*encvalue = NULL, *key = NULL, *value = NULL;
|
||||
struct form *f = NULL, *fs = NULL;
|
||||
|
||||
if (!data)
|
||||
|
@ -161,14 +162,16 @@ static int append_form(struct form **const forms, const char **const s,
|
|||
|
||||
const size_t keylen = sep - data;
|
||||
|
||||
if (!(key = strndup(data, keylen)))
|
||||
if (!(enckey = strndup(data, keylen)))
|
||||
{
|
||||
fprintf(stderr, "%s: strndup(3) key: %s\n", __func__, strerror(errno));
|
||||
fprintf(stderr, "%s: strndup(3) enckey: %s\n",
|
||||
__func__, strerror(errno));
|
||||
goto end;
|
||||
}
|
||||
else if (!(value = strdup(sep + 1)))
|
||||
else if (!(encvalue = strdup(sep + 1)))
|
||||
{
|
||||
fprintf(stderr, "%s: strdup(3) value: %s\n", __func__, strerror(errno));
|
||||
fprintf(stderr, "%s: strdup(3) encvalue: %s\n",
|
||||
__func__, strerror(errno));
|
||||
goto end;
|
||||
}
|
||||
else if (!(fs = realloc(*forms, (*n + 1) * sizeof **forms)))
|
||||
|
@ -178,27 +181,39 @@ static int append_form(struct form **const forms, const char **const s,
|
|||
}
|
||||
|
||||
*forms = fs;
|
||||
f = &(*forms)[(*n)++];
|
||||
|
||||
/* HTML input forms use '+' for whitespace, rather than %20. */
|
||||
*f = (const struct form)
|
||||
if ((ret = http_decode_url(enckey, true, &key)))
|
||||
{
|
||||
.key = http_decode_url(key, true),
|
||||
.value = http_decode_url(value, true)
|
||||
};
|
||||
|
||||
if (!f->key || !f->value)
|
||||
{
|
||||
fprintf(stderr, "%s: http_decode_url key/value failed\n", __func__);
|
||||
fprintf(stderr, "%s: http_decode_url enckey failed\n", __func__);
|
||||
goto end;
|
||||
}
|
||||
else if ((ret = http_decode_url(encvalue, true, &value)))
|
||||
{
|
||||
fprintf(stderr, "%s: http_decode_url encvalue failed\n", __func__);
|
||||
goto end;
|
||||
}
|
||||
|
||||
f = &(*forms)[(*n)++];
|
||||
|
||||
*f = (const struct form)
|
||||
{
|
||||
.key = key,
|
||||
.value = value
|
||||
};
|
||||
|
||||
*s = end;
|
||||
ret = 0;
|
||||
|
||||
end:
|
||||
free(key);
|
||||
free(value);
|
||||
if (ret)
|
||||
{
|
||||
free(key);
|
||||
free(value);
|
||||
}
|
||||
|
||||
free(enckey);
|
||||
free(encvalue);
|
||||
free(data);
|
||||
return ret;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue