This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 44fbd49b1e2f31dfed4a51df62e1237ae63e73aa
Author: Chris Lemmons <alfic...@gmail.com>
AuthorDate: Fri Apr 6 11:55:55 2018 -0600

    Fixed length calculation for url_sig excl regexes.
    
    The old calculation was incorrectly calculating the length to be
    searched. Fortunately, it was not possible for the length to be
    overlong, so there is no security concern, simply a bug that caused some
    requests that should have been whitelisted via the excl regex to be
    validated (and therefore to fail) incorrectly.
    
    This change corrects the calculation.
    
    (cherry picked from commit 96466de3093d1c8734ea2d82861101c1adb97fef)
---
 plugins/experimental/url_sig/url_sig.c | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/plugins/experimental/url_sig/url_sig.c 
b/plugins/experimental/url_sig/url_sig.c
index cd4ebeb..f27dd88 100644
--- a/plugins/experimental/url_sig/url_sig.c
+++ b/plugins/experimental/url_sig/url_sig.c
@@ -510,17 +510,15 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, 
TSRemapRequestInfo *rri)
   const char *query = strchr(url, '?');
 
   if (cfg->regex) {
-    int offset = 0, options = 0;
+    const int offset = 0, options = 0;
     int ovector[30];
-    int len            = url_len;
-    const char *anchor = strchr(url, '#');
-    if (query && !anchor) {
-      len -= (query - url);
-    } else if (anchor && !query) {
-      len -= (anchor - url);
-    } else if (anchor && query) {
-      len -= ((query < anchor ? query : anchor) - url);
-    }
+
+    /* Only search up to the first ? or # */
+    const char *base_url_end = url;
+    while (*base_url_end && !(*base_url_end == '?' || *base_url_end == '#'))
+      ++base_url_end;
+    const int len = base_url_end - url;
+
     if (pcre_exec(cfg->regex, cfg->regex_extra, url, len, offset, options, 
ovector, 30) >= 0) {
       goto allow;
     }
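Review bot: The hand-rolled scan in `while (*base_url_end && !(*base_url_end == '?' || *base_url_end == '#'))` re-implements `strcspn`, and its `ptrdiff_t` result is narrowed to `int` implicitly; `const int len = (int)strcspn(url, "?#");` would replace the loop and the pointer subtraction, and `<string.h>` appears to be in scope already given the `strchr` call above. Because a match takes `goto allow`, which per the commit message bypasses signature validation, the comment should record why the search stops there, assuming that is the intent: `/* Only search up to the first ? or #: a match skips signature validation, so query/fragment text must not be able to satisfy the exclusion regex. */`. Any negative `pcre_exec` result, including errors other than no-match, falls through to validation, which fails closed and is worth keeping that way. The body of `TSRemapDoRemap` starts and ends outside this hunk, so how `url` and `url_len` are obtained is not visible here.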

-- 