summaryrefslogtreecommitdiffstats
path: root/server/util.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Axe some redundant conditions. PR 62549.Yann Ylavic2018-08-131-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837941 13f79535-47bb-0310-9956-ffa450edef68
* Correct see also commentWilliam A. Rowe Jr2018-07-191-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1836287 13f79535-47bb-0310-9956-ffa450edef68
* core: Add ap_reuse_brigade_from_pool().Yann Ylavic2018-07-161-0/+16
| | | | | | | | | | Current RETRIEVE_BRIGADE_FROM_POOL macro from "http_request.c" is turned into a helper and used in ap_request_core_filter(). We will need it in a subsequent commit in "util_filter.c" too. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1836018 13f79535-47bb-0310-9956-ffa450edef68
* Save a few cycles.Christophe Jaillet2018-04-221-3/+2
| | | | | | We already know the length of the string we want to copy, so use 'apr_pstrmemdup()' instead of 'apr_strdup()'. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829799 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1609680: further simplify/optimize ap_proxy_strcmp_ematch().Yann Ylavic2018-03-091-2/+2
| | | | | | | While at it, same treatment for its mother ap_strcmp_match(). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1826313 13f79535-47bb-0310-9956-ffa450edef68
* util.c: revert r1799375 during veto discussionJacob Champion2017-06-211-4/+4
| | | | | | https://lists.apache.org/thread.html/c0320136ae7e4cbbae03cb2636dfb9b693b2d7a6ffb4c9a645beadb9@%3Cdev.httpd.apache.org%3E git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799472 13f79535-47bb-0310-9956-ffa450edef68
* Make case insensitiveJim Jagielski2017-06-211-1/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799425 13f79535-47bb-0310-9956-ffa450edef68
* util.c: add a strict Base64 decoding functionJacob Champion2017-06-211-0/+70
| | | | | | | | | | | | | | | | ap_pbase64decode_strict() adds to the functionality of ap_pbase64decode() in two ways: - the length of the decoded buffer is returned, allowing embedded NULLs to be retained by the caller - the input string is strictly checked for Base64 validity, including correct zero-padding at the end of the string (This was originally added to the httpdunit feature/backport branch in r1796208, then reverted in r1799376, since it's currently intended for trunk only.) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799380 13f79535-47bb-0310-9956-ffa450edef68
* util.c: ensure all TEST_CHAR loops stop at the null terminatorJacob Champion2017-06-211-4/+4
| | | | | | | | | In the aftermath of CVE-2017-7668, decouple the business logic ("is NULL a T_HTTP_CTRL") from the postcondition ("must not go past the end of the string"). The NULL-byte classification in the TEST_CHAR table may change in the future. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799375 13f79535-47bb-0310-9956-ffa450edef68
* Quiet spurious gcc warning in ap_parse_form_data ("'escaped_char[0]' may beYann Ylavic2017-06-151-2/+1
| | | | | | | | used uninitialized in this function"). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798785 13f79535-47bb-0310-9956-ffa450edef68
* PR61124: ap_parse_form_data() EBCDIC fixEric Covener2017-05-271-22/+4
| | | | | | | | | | | URL-decoding doesn't work on EBCDIC. Submitted By: Hank Ibell <hwibell gmail.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796446 13f79535-47bb-0310-9956-ffa450edef68
* short-circuit on NULLEric Covener2017-05-261-4/+2
| | | | | | | | Submitted By: jchampion CVEID: CVE-2017-7668 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796350 13f79535-47bb-0310-9956-ffa450edef68
* Introduce request taint-checking concept.Nick Kew2017-04-211-0/+15
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792169 13f79535-47bb-0310-9956-ffa450edef68
* When redrawing the parser, ap_get_http_token looked to be useful, but there'sWilliam A. Rowe Jr2016-10-181-19/+0
| | | | | | | | | | | | | | | | no application for this yet in httpd, so hold off adding this function when we backport the enhancements. ap_scan_http_token was entirely sufficient. If the community wants this new function, we can add it when backporting work is complete. This patch, and the earlier patches Friday actually demanded an mmn major bump due to struct member changes. In any final backport, new members must be added to the end of the struct to retain an mmn minor designation. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1765451 13f79535-47bb-0310-9956-ffa450edef68
* Dropped the never-released ap_has_cntrls() as it had very limited William A. Rowe Jr2016-10-141-14/+4
| | | | | | | | | | | | | | | | | | | | | | and inefficient application at that, added ap_scan_vchar_obstext() to accomplish a similar purpose. Dropped HttpProtocolOptions StrictURL option, this will be better handled in the future with a specific directive and perhaps multiple levels of scrutiny, use ap_scan_vchar_obstext() to simply ensure there are no control characters or whitespace within the URI. Changed the scanning of the response header table by check_headers() to follow the same rulesets as reading request headers. Disallow any CTL character within a response header value, and any CTL or whitespace in response header field name, even in strict mode. Apply HttpProtocolOptions Strict to chunk header parsing, invalid whitespace is invalid, line termination must follow CRLF convention. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1764961 13f79535-47bb-0310-9956-ffa450edef68
* Introduce StrictURI|UnsafeURI for RFC3986 enforcementWilliam A. Rowe Jr2016-08-191-0/+10
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1756959 13f79535-47bb-0310-9956-ffa450edef68
* With NUL as a TOKEN_STOP, this code is more efficientWilliam A. Rowe Jr2016-07-291-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1754544 13f79535-47bb-0310-9956-ffa450edef68
* Introduce ap_scan_http_field_content, ap_scan_http_tokenWilliam A. Rowe Jr2016-07-291-1/+41
| | | | | | | | and ap_get_http_token for more efficient string handling. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1754541 13f79535-47bb-0310-9956-ffa450edef68
* Have to walk it back, but somewhere along the way, I missed a critical editWilliam A. Rowe Jr2016-06-091-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1747483 13f79535-47bb-0310-9956-ffa450edef68
* Rename ap_casecmpstr[n]() to ap_cstr_casecmp[n](), update with APR doxygenWilliam A. Rowe Jr2016-06-091-2/+2
| | | | | | | This time, with merge-ability back into 2.4.x git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1747478 13f79535-47bb-0310-9956-ffa450edef68
* Major issue with these two specific edits falling into r1747469William A. Rowe Jr2016-06-091-2/+2
| | | | | | | | | | is that it becomes impossible to cleanly merge into branches/2.4.x. Reverting this one functional/historical edit, to recommit for merging. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1747477 13f79535-47bb-0310-9956-ffa450edef68
* Rename ap_casecmpstr[n]() to ap_cstr_casecmp[n](), update with APR doxygenWilliam A. Rowe Jr2016-06-091-6/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1747469 13f79535-47bb-0310-9956-ffa450edef68
* Update code to mirror r1747461 of apr-2.0 apr_cstr.c.William A. Rowe Jr2016-06-091-67/+76
| | | | | | | | | More legible, slightly more performant. Based on the compiler in use and -O flags, YMWV. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1747468 13f79535-47bb-0310-9956-ffa450edef68
* New support function: ap_getword_conf2[_nc] which actsJim Jagielski2015-12-301-0/+54
| | | | | | | | | | | | just like ap_getword_conf[_nc] but allows for {} to be used as word quotes. That is: {Hello World} Foo Bar "Hello World" Foo Bar are equiv. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1722321 13f79535-47bb-0310-9956-ffa450edef68
* revert... hold off for now.Jim Jagielski2015-12-291-27/+7
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1722245 13f79535-47bb-0310-9956-ffa450edef68
* Ok... allow for getting "words" by also allowing theJim Jagielski2015-12-291-7/+27
| | | | | | | | | | | | | | use of curlies... That is: "Hello World" Foo Bar and {Hello World} Foo Bar will both return the same if using ap_getword_conf2() git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1722243 13f79535-47bb-0310-9956-ffa450edef68
* Small changes to ap_casecmpstr[n]() for better performances, see:Yann Ylavic2015-12-291-4/+6
| | | | | | http://mail-archives.apache.org/mod_mbox/httpd-dev/201511.mbox/%3CCAKQ1sVOU7xmY-_PaQb0et0GXO-NxtTPBsD4ZU_UbtUzWYOUVTg%40mail.gmail.com%3E git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1722194 13f79535-47bb-0310-9956-ffa450edef68
* More ap_casecmpstr[n]() usages (follow up to r1715876).Yann Ylavic2015-11-231-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715880 13f79535-47bb-0310-9956-ffa450edef68
* Use new ap_casecmpstr[n]() functions where appropriate (not exhaustive).Yann Ylavic2015-11-231-3/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715876 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1715789: will re-commit without spurious functional changes.Yann Ylavic2015-11-231-3/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715869 13f79535-47bb-0310-9956-ffa450edef68
* Use new ap_casecmpstr[n]() functions where appropriate (not exhaustive).Yann Ylavic2015-11-231-3/+3
| | | | | | | [Reverted by r1715869] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715789 13f79535-47bb-0310-9956-ffa450edef68
* Before they are used, rename ap_str[n]casecmp() to ap_casecmpstr[n]() to matchYann Ylavic2015-11-231-2/+2
| | | | | | | | what will probably be their APR names, avoiding any confusion wrt <strings.h>'s functions (semantic). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715736 13f79535-47bb-0310-9956-ffa450edef68
* Introduce an ascii-like sortation for EBCDIC, case folding US-ASCII alpha onlyWilliam A. Rowe Jr2015-11-221-1/+49
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715632 13f79535-47bb-0310-9956-ffa450edef68
* revert until these functions are used.Eric Covener2015-11-211-12/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715587 13f79535-47bb-0310-9956-ffa450edef68
* stick with underlying strcasecmp on EBCDIC buildsEric Covener2015-11-211-0/+12
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715554 13f79535-47bb-0310-9956-ffa450edef68
* move to simpler while loop and reduce number of returnsJim Jagielski2015-11-211-10/+7
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715526 13f79535-47bb-0310-9956-ffa450edef68
* typoJim Jagielski2015-11-211-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715524 13f79535-47bb-0310-9956-ffa450edef68
* make bill happy (if possible!)Jim Jagielski2015-11-201-0/+1
| | | | | | | Note that these are ascii specific. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715404 13f79535-47bb-0310-9956-ffa450edef68
* Provide our own impl of str[n]casecmp()Jim Jagielski2015-11-201-1/+68
| | | | | | | | | | This simply provides it. Next step is to change all uses of str[n]casecmp to ap_str[n]casecmp and *then* remove those silly logic paths where we check the 1st char of a string before we do the strcasecmp (since this is no longer expensive). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715401 13f79535-47bb-0310-9956-ffa450edef68
* final final change to the new ap_array_str_* functions after reviewStefan Eissing2015-09-031-12/+16
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1700968 13f79535-47bb-0310-9956-ffa450edef68
* giving ap_array_index a start parameter, adding ap_array_containsStefan Eissing2015-08-271-4/+12
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1698133 13f79535-47bb-0310-9956-ffa450edef68
* creating ap_array_index in util, forwarding scheme into request processing, ↵Stefan Eissing2015-08-181-1/+1
| | | | | | enabling SSL vars only when scheme is not http:, delayed connection creation until task worker assignment git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1696428 13f79535-47bb-0310-9956-ffa450edef68
* introducing ap_array_index in util, used in protocol and mod_h2Stefan Eissing2015-08-171-0/+13
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1696264 13f79535-47bb-0310-9956-ffa450edef68
* Configuration files with long lines and continuation charactersEric Covener2014-12-291-15/+15
| | | | | | | | | | | are not read properly. PR 55910. Submitted By: Manuel Mausz <manuel-as mausz.at> Committed By: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1648394 13f79535-47bb-0310-9956-ffa450edef68
* SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverseJoe Orton2014-07-151-0/+89
| | | | | | | | | | | | | | | | | | | | | proxy configuration, a remote attacker could send a carefully crafted request which could crash a server process, resulting in denial of service. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this issue. * server/util.c (ap_parse_token_list_strict): New function. * modules/proxy/proxy_util.c (find_conn_headers): Use it here. * modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response): Send a 400 for a malformed Connection header. Submitted by: Edward Lu, breser, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610674 13f79535-47bb-0310-9956-ffa450edef68
* Remove some 'register' in variable declaration.Christophe Jaillet2014-07-141-7/+7
| | | | | | Save a few cycles by calling 'apr_isalnum' instead of 'apr_isalpha' and 'apr_isdigit'. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610353 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1384924 .Christophe Jaillet2014-04-241-1/+5
| | | | | | Update comment and allocate one extra byte to be safe, even if not needed in the particular case described in r1384924. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1589599 13f79535-47bb-0310-9956-ffa450edef68
* s/apr_pstrndup/apr_pstrmemdup/ when applicableChristophe Jaillet2014-02-011-5/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1563381 13f79535-47bb-0310-9956-ffa450edef68
* Use %pm in order to save 8k of stack in 'ap_pcfg_strerror'Christophe Jaillet2014-02-011-5/+7
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1563379 13f79535-47bb-0310-9956-ffa450edef68
* Be more clever when allocating memory for log item to be escaped.Christophe Jaillet2013-05-221-2/+19
| | | | | | This should be faster and save about 70-100 bytes in the request pool with the default config. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1485409 13f79535-47bb-0310-9956-ffa450edef68
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 15:15:15 +0100