On Tue, Jun 23, 2015 at 06:03:48PM +0200, Sebastien Marie wrote:
> On Tue, Jun 23, 2015 at 04:54:22PM +0200, Sebastien Marie wrote:
> >
> > the matched substrings should be escaped with url_encoded() before
> > expansion.
> >
>
> Here the patch to address the escaping problem.
>
> OK?
>
Yes, OK
Reyk
> --
> Sebastien Marie
>
> Index: server_http.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/httpd/server_http.c,v
> retrieving revision 1.83
> diff -u -p -r1.83 server_http.c
> --- server_http.c 23 Jun 2015 15:23:14 -0000 1.83
> +++ server_http.c 23 Jun 2015 16:00:40 -0000
> @@ -911,8 +911,11 @@ server_expand_http(struct client *clt, c
> return (NULL);
>
> /* Expand variable with matched value */
> - if (expand_string(buf, len, ibuf,
> - clt->clt_srv_match.sm_match[n]) != 0)
> + if ((str = url_encode(clt->clt_srv_match.sm_match[n])) == NULL)
> + return (NULL);
> + ret = expand_string(buf, len, ibuf, str);
> + free(str);
> + if (ret != 0)
> return (NULL);
> }
> if (strstr(val, "$DOCUMENT_URI") != NULL) {
--
