From f6b84b765d6fa4d95aae5501fedca5cd8903e224 Mon Sep 17 00:00:00 2001
From: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date: Mon, 19 Feb 2024 23:03:16 +0100
Subject: Bump libweb to 0.3.0

The following commits fix a couple of security issues on libweb.

Because of afe0681c0b26bb64bad55d7e86770f346cfa043e, slcl had to be
updated to set up its struct http_cfg_post.

commit afe0681c0b26bb64bad55d7e86770f346cfa043e
Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date:   Mon Feb 19 23:00:56 2024 +0100

    Limit maximum multipart/form-data pairs and files

    A malicious user could inject an infinite number of empty files or
    key/value pairs into a request in order to exhaust the device's
    resources.

commit 9d9e0c2979f43297b2ebbf84f14f064f3f9ced0e
Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date:   Mon Feb 19 22:49:09 2024 +0100

    html.c: Avoid half-init objects on html_node_add_attr

    The previous implementation would leave half-initialised objects if one
    of the calls to strdup(3) failed. Now, n->attrs is only modified when
    all previous memory allocations were successful.
---
 libweb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'libweb')

diff --git a/libweb b/libweb
index 6ceae16..b4930f7 160000
--- a/libweb
+++ b/libweb
@@ -1 +1 @@
-Subproject commit 6ceae16a20175edb77fb2ffab0d3d6648d011221
+Subproject commit b4930f72bb9026c5a0871f4fa4cabe20cb0e6a9f
-- 
cgit v1.2.3