github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix utf-8 character encoding conversion

Browse Source 
Reported on: #1794
This commit is contained in:
Felipe Zimmerle 2018-09-04 20:48:42 -03:00
parent 90197bdd99
commit a85ca00a55
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -1,6 +1,8 @@
v3.0.3 - YYYY-MMM-DD (to be released)
-------------------------------------
- Fix utf-8 character encoding conversion
[Issue #1794 - @tinselcity, @zimmerle]
- Adds support for ctl:requestBodyProcessor=URLENCODED
[Issue #1797 - @victorhora]
- Add LUA compatibility for CentOS and try to use LuaJIT first if available

2
src/operators/validate_utf8_encoding.cc
View File

@ -86,7 +86,7 @@ int ValidateUtf8Encoding::detect_utf8_character(
unicode_len = 4;
/* compute character number */
d = ((c & 0x07) << 18) | ((*(p_read + 1) & 0x3F) << 12)
| ((*(p_read + 2) & 0x3F) < 6) | (*(p_read + 3) & 0x3F);
| ((*(p_read + 2) & 0x3F) << 6) | (*(p_read + 3) & 0x3F);
}
} else {
/* any other first byte is invalid (RFC 3629) */