From ae295b155554496e235c3310f23909917bd54318 Mon Sep 17 00:00:00 2001 From: André Malo Date: Sat, 10 Apr 2004 13:17:15 +0000 Subject: escape the cookie_name before pasting into the regexp. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103326 13f79535-47bb-0310-9956-ffa450edef68 --- modules/metadata/mod_usertrack.c | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) (limited to 'modules/metadata') diff --git a/modules/metadata/mod_usertrack.c b/modules/metadata/mod_usertrack.c index d7bbb22479..9c00a9a1d0 100644 --- a/modules/metadata/mod_usertrack.c +++ b/modules/metadata/mod_usertrack.c @@ -160,12 +160,44 @@ static void set_and_comp_regexp(cookie_dir_rec *dcfg, apr_pool_t *p, const char *cookie_name) { + int danger_chars = 0; + const char *sp = cookie_name; + /* The goal is to end up with this regexp, * ^cookie_name=([^;,]+)|[;,][ \t]+cookie_name=([^;,]+) * with cookie_name obviously substituted either * with the real cookie name set by the user in httpd.conf, or with the * default COOKIE_NAME. */ - dcfg->regexp_string = apr_pstrcat(p, "^", cookie_name, "=([^;,]+)|[;,][ \t]*", cookie_name, "=([^;,]+)", NULL); + + /* Anyway, we need to escape the cookie_name before pasting it + * into the regex + */ + while (*sp) { + if (!apr_isalnum(*sp)) { + ++danger_chars; + } + ++sp; + } + + if (danger_chars) { + char *cp; + cp = apr_palloc(p, sp - cookie_name + danger_chars + 1); /* 1 == \0 */ + sp = cookie_name; + cookie_name = cp; + while (*sp) { + if (!apr_isalnum(*sp)) { + *cp++ = '\\'; + } + *cp++ = *sp++; + } + *cp = '\0'; + } + + dcfg->regexp_string = apr_pstrcat(p, "^", + cookie_name, + "=([^;,]+)|[;,][ \t]*", + cookie_name, + "=([^;,]+)", NULL); dcfg->regexp = ap_pregcomp(p, dcfg->regexp_string, REG_EXTENDED); } -- cgit v1.2.3