| author | Lars Hjemli <larsh@hal-2004.(none)> | 2007-01-04 15:53:03 (UTC) |
|---|---|---|
| committer | Lars Hjemli <larsh@hal-2004.(none)> | 2007-01-04 15:57:00 (UTC) |
| commit | 52e605caf573fa20fdd4fbac5e1cc69b7740b1f5 (patch) (side-by-side diff) | |
| tree | 62c7bfb147f93a850f430185961a89ee51b8470a | |
| parent | 05b13194b4b40a2614692125d5037ef20c5fb20e (diff) | |
| download | cgit-52e605caf573fa20fdd4fbac5e1cc69b7740b1f5.zip cgit-52e605caf573fa20fdd4fbac5e1cc69b7740b1f5.tar.gz cgit-52e605caf573fa20fdd4fbac5e1cc69b7740b1f5.tar.bz2 | |
Handle %xx encoding in querystring
Convert valid %xx expressions in querystring to ascii, ignore invalid
expressions (i.e. eat the three characters %xx).
Signed-off-by: Lars Hjemli <larsh@hal-2004.(none)>
| -rw-r--r-- | cgit.h | 2 | ||||
| -rw-r--r-- | parsing.c | 21 | ||||
| -rw-r--r-- | shared.c | 13 |
3 files changed, 36 insertions, 0 deletions
@@ -62,16 +62,18 @@ extern char *cgit_query_sha2; extern int cgit_query_ofs; extern int htmlfd; extern void cgit_global_config_cb(const char *name, const char *value); extern void cgit_repo_config_cb(const char *name, const char *value); extern void cgit_querystring_cb(const char *name, const char *value); +extern int hextoint(char c); + extern void *cgit_free_commitinfo(struct commitinfo *info); extern char *fmt(const char *format,...); extern void html(const char *txt); extern void htmlf(const char *format,...); extern void html_txt(char *txt); extern void html_ntxt(int len, char *txt); @@ -74,31 +74,52 @@ int cgit_read_config(const char *filename, configfn fn) while((len = read_config_line(f, line, &value, sizeof(line))) > 0) (*fn)(line, value); fclose(f); return ret; } +char *convert_query_hexchar(char *txt) +{ + int d1, d2; + if (strlen(txt) < 3) { + *txt = '\0'; + return txt-1; + } + d1 = hextoint(*(txt+1)); + d2 = hextoint(*(txt+2)); + if (d1<0 || d2<0) { + strcpy(txt, txt+3); + return txt-1; + } else { + *txt = d1 * 16 + d2; + strcpy(txt+1, txt+3); + return txt; + } +} + int cgit_parse_query(char *txt, configfn fn) { char *t, *value = NULL, c; if (!txt) return 0; t = txt = xstrdup(txt); while((c=*t) != '\0') { if (c=='=') { *t = '\0'; value = t+1; } else if (c=='+') { *t = ' '; + } else if (c=='%') { + t = convert_query_hexchar(t); } else if (c=='&') { *t = '\0'; (*fn)(txt, value); txt = t+1; value = NULL; } t++; } @@ -108,8 +108,21 @@ void *cgit_free_commitinfo(struct commitinfo *info) free(info->author); free(info->author_email); free(info->committer); free(info->committer_email); free(info->subject); free(info); return NULL; } + +int hextoint(char c) +{ + if (c >= 'a' && c <= 'f') + return 10 + c - 'a'; + else if (c >= 'A' && c <= 'F') + return 10 + c - 'A'; + else if (c >= '0' && c <= '9') + return c - '0'; + else + return -1; +} + |