From 65e7e474b19dc47fbdb909e5da34c01a73ed8881 Mon Sep 17 00:00:00 2001 From: martinhsv <55407942+martinhsv@users.noreply.github.com> Date: Tue, 11 May 2021 13:46:50 -0700 Subject: [PATCH] fix missing parentheses in filename* parsing --- src/request_body_processor/multipart.cc | 2 +- test/test-cases/regression/issue-1825.json | 60 +++++++++++++++++++--- 2 files changed, 55 insertions(+), 7 deletions(-) diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc index ea75bd0e..e09ba320 100644 --- a/src/request_body_processor/multipart.cc +++ b/src/request_body_processor/multipart.cc @@ -341,7 +341,7 @@ int Multipart::parse_content_disposition(const char *c_d_value, int offset) { const char* start_of_filename = p; while ((*p != '\0') && (*p != ';')) { if (*p == '%') { - if ((*(p+1) == '\0') || (!isxdigit(*(p+1))) || (!isxdigit(*p+2))) { + if ((*(p+1) == '\0') || (!isxdigit(*(p+1))) || (!isxdigit(*(p+2)))) { return -18; } p += 3; diff --git a/test/test-cases/regression/issue-1825.json b/test/test-cases/regression/issue-1825.json index bfd96424..41fc349f 100644 --- a/test/test-cases/regression/issue-1825.json +++ b/test/test-cases/regression/issue-1825.json @@ -2,7 +2,7 @@ { "enabled":1, "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (1/6)", + "title":"multipart Content-Disposition should allow filename* field (1/7)", "client":{ "ip":"200.249.12.31", "port":123 @@ -50,7 +50,7 @@ { "enabled":1, "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (2/6)", + "title":"multipart Content-Disposition should allow filename* field (2/7)", "client":{ "ip":"200.249.12.31", "port":123 @@ -98,7 +98,7 @@ { "enabled":1, "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (3/6)", + "title":"multipart Content-Disposition should allow filename* field (3/7)", "client":{ "ip":"200.249.12.31", "port":123 @@ -146,7 +146,7 @@ { "enabled":1, "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (4/6)", + "title":"multipart Content-Disposition should allow filename* field (4/7)", "client":{ "ip":"200.249.12.31", "port":123 @@ -194,7 +194,7 @@ { "enabled":1, "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (5/6)", + "title":"multipart Content-Disposition should allow filename* field (5/7)", "client":{ "ip":"200.249.12.31", "port":123 @@ -242,7 +242,7 @@ { "enabled":1, "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (6/6)", + "title":"multipart Content-Disposition should allow filename* field (6/7)", "client":{ "ip":"200.249.12.31", "port":123 @@ -286,6 +286,54 @@ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart Content-Disposition should allow filename* field (7/7)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "----------------------------756b6d74fa1a8ee2", + "Content-Disposition: form-data; name=\"name\"", + "", + "test", + "----------------------------756b6d74fa1a8ee2", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%62.txt", + "Content-Type: text/plain", + "", + "This is a very small test file..", + "----------------------------756b6d74fa1a8ee2--" + ] + }, + "response":{ + "headers":"", + "body":"" + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:1,phase:2,deny,status:403\"" + ] } ]