github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove \0ooo support from t:escapeSeqDecode. See #423.

Browse Source
This commit is contained in:
brectanus 2007-12-20 21:04:19 +00:00
parent 4104e261e7
commit 78f83198d0
1 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
apache2/msc_util.c
View File

@ -1002,10 +1002,6 @@ int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len) {
if ((input[i] == '\\')&&(i + 1 < input_len)) { if ((input[i] == '\\')&&(i + 1 < input_len)) {
int c = -1; int c = -1;
/* ENH Should we handle \c as well?
* See http://www.opengroup.org/onlinepubs/009695399/utilities/printf.html
*/
switch(input[i + 1]) { switch(input[i + 1]) {
case 'a' : case 'a' :
c = '\a'; c = '\a';
@ -1058,13 +1054,10 @@ int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len) {
} }
else else
if (ISODIGIT(input[i + 1])) { /* Octal. */ if (ISODIGIT(input[i + 1])) { /* Octal. */
char buf[10]; char buf[4];
int j = 0, l = 3; int j = 0;
/* Up to 4 digits if the first digit is a zero. */ while((i + 1 + j < input_len)&&(j < 3)) {
if (input[i + 1] == '0') l = 4;
while((i + 1 + j < input_len)&&(j <= l)) {
buf[j] = input[i + 1 + j]; buf[j] = input[i + 1 + j];
j++; j++;
if (!ISODIGIT(input[i + 1 + j])) break; if (!ISODIGIT(input[i + 1 + j])) break;