a1batross
/
kore
forked from mirrors/kore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

catch more bad ranges in http_argument_urldecode()

This commit is contained in:
Joris Vink 2018-06-28 15:39:03 +02:00
parent 2139527df7
commit 521ff6a11d
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/http.c
View File

@ -853,10 +853,13 @@ http_argument_urldecode(char *arg)
h[3] = *(p + 2);
h[4] = '\0';
v = kore_strtonum(h, 16, 0x20, 0x7e, &err);
v = kore_strtonum(h, 16, 0x0, 0xff, &err);
if (err != KORE_RESULT_OK)
return (err);
if (v <= 0x1f || v == 0x7f || (v >= 0x80 && v <= 0x9f))
return (KORE_RESULT_ERROR);
*in++ = (char)v;
p += 3;
}