diff options
author | Jo-Philipp Wich <jo@mein.io> | 2017-11-04 14:31:40 +0100 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2017-11-04 14:41:57 +0100 |
commit | a235636a2687fafb9c474e4b134a59ff66425c92 (patch) | |
tree | 6ff257ebdaf82bcad42c9345b2b78b9888a6669f /auth.c | |
parent | 3fd58e9b6da7d9e1a4710dbeefc2d289baea09fb (diff) |
file: fix query string handling
Instead of storing a pointer to the beginning of the query string within the
request url, store a copy in a static buffer instead. This aligns handling
the query string portion of the url with other elements like physical path
or path info information.
Since the URL is usually kept in the per-client blob buffer which might
change its memory location due to reallocations triggered by blobmsg_add_*,
it is not safe to point to it early in the request life cycle.
This fixes invalid memory access usually manifesting itself as corrupted
query string data in CGI scripts.
Reported-by: P. Wassi <p.wassi@gmx.at>
Suggested-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'auth.c')
0 files changed, 0 insertions, 0 deletions