From 56fc2ea714838cc84de55eb4b3f52a837aa9fc15 Mon Sep 17 00:00:00 2001 From: brenosilva Date: Wed, 22 Dec 2010 13:57:44 +0000 Subject: [PATCH] MODSEC-148 fix issues --- apache2/msc_util.c | 19 +++++++++++++++++++ apache2/msc_util.h | 2 ++ apache2/re_operators.c | 2 +- 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/apache2/msc_util.c b/apache2/msc_util.c index 7857cdcf..9e48f534 100644 --- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -154,6 +154,25 @@ int decode_base64_ext(char *plain_text, const char *input, int input_len) return j; } +/* \brief Convert const char to int +* +* \param c number string +* +* \retval n The converted number +*/ +int convert_to_int(const char c) +{ + int n; + if ((c>='0') && (c<='9')) + n = c - '0'; + else if ((c>='A') && (c<='F')) + n = c - 'A' + 10; + else if ((c>='a') && (c<='f')) + n = c - 'a' + 10; + else + n = 0; + return n; +} /** * Parses a string that contains a name-value pair in the form "name=value". diff --git a/apache2/msc_util.h b/apache2/msc_util.h index e89742dc..f6f423ce 100644 --- a/apache2/msc_util.h +++ b/apache2/msc_util.h @@ -92,6 +92,8 @@ char DSOLOCAL *_log_escape(apr_pool_t *p, const unsigned char *input, int DSOLOCAL decode_base64_ext(char *plain_text, const char *input, int input_len); +int DSOLOCAL convert_to_int(const char c); + int DSOLOCAL js_decode_nonstrict_inplace(unsigned char *input, long int input_len); int DSOLOCAL urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_length, int * changed); diff --git a/apache2/re_operators.c b/apache2/re_operators.c index 538c2fed..cba33b02 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -1252,7 +1252,7 @@ static int ssn_verify(const char *ssnumber, int len, msre_rule *rule) { for (i = 0; i < len; i++) { if (apr_isdigit(ssnumber[i])) { - num[i] = intval(ssnumber[i]); + num[i] = convert_to_int(ssnumber[i]); digits++; } }