diff options
author | Yann Ylavic <ylavic@apache.org> | 2020-05-20 16:01:17 +0200 |
---|---|---|
committer | Yann Ylavic <ylavic@apache.org> | 2020-05-20 16:01:17 +0200 |
commit | 11d03dc86a9642a4af44c40122299b7efad47775 (patch) | |
tree | 23576af687aa6d5ad87abb8307bb4e3006741f1e /server/util.c | |
parent | lognos (diff) | |
download | apache2-11d03dc86a9642a4af44c40122299b7efad47775.tar.xz apache2-11d03dc86a9642a4af44c40122299b7efad47775.zip |
core,modules: provide/use ap_parse_strict_length() helper.
It helps simplifying a lot of duplicated code based on apr_strtoff(), while
also rejecting leading plus/minus signs which are dissalowed in Content-Length
and (Content-)Range headers.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877954 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
-rw-r--r-- | server/util.c | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/server/util.c b/server/util.c index 7603895e02..59e273e911 100644 --- a/server/util.c +++ b/server/util.c @@ -2673,6 +2673,15 @@ AP_DECLARE(apr_status_t) ap_timeout_parameter_parse( return APR_SUCCESS; } +AP_DECLARE(int) ap_parse_strict_length(apr_off_t *len, const char *str) +{ + char *end; + + return (apr_isdigit(*str) + && apr_strtoff(len, str, &end, 10) == APR_SUCCESS + && *end == '\0'); +} + /** * Determine if a request has a request body or not. * @@ -2682,20 +2691,13 @@ AP_DECLARE(apr_status_t) ap_timeout_parameter_parse( AP_DECLARE(int) ap_request_has_body(request_rec *r) { apr_off_t cl; - char *estr; const char *cls; - int has_body; - - has_body = (!r->header_only - && (r->kept_body - || apr_table_get(r->headers_in, "Transfer-Encoding") - || ( (cls = apr_table_get(r->headers_in, "Content-Length")) - && (apr_strtoff(&cl, cls, &estr, 10) == APR_SUCCESS) - && (!*estr) - && (cl > 0) ) - ) - ); - return has_body; + + return (!r->header_only + && (r->kept_body + || apr_table_get(r->headers_in, "Transfer-Encoding") + || ((cls = apr_table_get(r->headers_in, "Content-Length")) + && ap_parse_strict_length(&cl, cls) && cl > 0))); } /** |