]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 69a9b4d) | patch
Harden quoted-string parser to RFC requirements
authorAmos Jeffries <amosjeffries@squid-cache.org>
Mon, 1 Nov 2010 00:21:57 +0000 (18:21 -0600)
committerAmos Jeffries <amosjeffries@squid-cache.org>
Mon, 1 Nov 2010 00:21:57 +0000 (18:21 -0600)
commit34460e19ab004a3cd339ef971c46b1dfcbba2a1d
tree938a781557850c9b65b1ed659834032a1a0b4094tree
parent69a9b4decdb1289c37b49654c709c89f5ef6ccdccommit | diff
Harden quoted-string parser to RFC requirements

Fix RFC 2616 section 2.2 quote-string handling.

 * Restrict the parser to the known length of the value string to prevent
   buffer over-reads from specially crafted inputs.
 * Drop quoted-string values containing CTL octets.
src/HttpHdrSc.cc diff | blob | blame | history
src/HttpHeader.h diff | blob | blame | history
src/HttpHeaderTools.cc diff | blob | blame | history
src/auth/digest/auth_digest.cc diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git