On Sat, Jan 03, 2004 at 04:31:32PM -0000, [EMAIL PROTECTED] wrote:
> ben 2004/01/03 08:31:32
>
> Modified: server gen_test_char.c
> Log:
> Make forensic logging safe for POST data. The issue with strchr and NUL is
> a red herring.
I don't think this is a safe change: 0 is now flagged with
T_ESCAPE_FORENSIC|T_ESCAPE_LOGITEM|T_HTTP_TOKEN_STOP|T_ESCAPE_SHELL_CMD.
At least ap_find_token() assumes that 0 is not flagged with
T_HTTP_TOKEN_STOP.
>
> Revision Changes Path
> 1.19 +3 -7 httpd-2.0/server/gen_test_char.c
>
> Index: gen_test_char.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/server/gen_test_char.c,v
> retrieving revision 1.18
> retrieving revision 1.19
> diff -u -r1.18 -r1.19
> --- gen_test_char.c 3 Jan 2004 15:33:41 -0000 1.18
> +++ gen_test_char.c 3 Jan 2004 16:31:32 -0000 1.19
> @@ -90,8 +90,7 @@
> "#define T_ESCAPE_LOGITEM (%u)\n"
> "#define T_ESCAPE_FORENSIC (%u)\n"
> "\n"
> - "static const unsigned char test_char_table[256] = {\n"
> - " 0,",
> + "static const unsigned char test_char_table[256] = {",
> T_ESCAPE_SHELL_CMD,
> T_ESCAPE_PATH_SEGMENT,
> T_OS_ESCAPE_PATH,
> @@ -99,10 +98,7 @@
> T_ESCAPE_LOGITEM,
> T_ESCAPE_FORENSIC);
>
> - /* we explicitly dealt with NUL above
> - * in case some strchr() do bogosity with it */
> -
> - for (c = 1; c < 256; ++c) {
> + for (c = 0; c < 256; ++c) {
> flags = 0;
> if (c % 20 == 0)
> printf("\n ");
> @@ -154,7 +150,7 @@
> * :, | (used as delimiters) and % (used for escaping).
> */
> if (!apr_isprint(c) || c == ':' || c == '|' || c == '%'
> - || apr_iscntrl(c)) {
> + || apr_iscntrl(c) || !c) {
> flags |= T_ESCAPE_FORENSIC;
> }
>
>
>
>
