github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed decoding full-width unicode in t:urlDecodeUni for ASCII range 0xFF01-0xFF5E. Probably need more work/testing. (See #122)

Browse Source
This commit is contained in:
brectanus
2007-05-16 20:09:28 +00:00
parent 97a1718d39
commit eaa8e444dd
2 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
apache2/msc_util.c
View File

@@ -561,8 +561,18 @@ int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len)
if ( (VALID_HEX(input[i + 2]))&&(VALID_HEX(input[i + 3]))
&&(VALID_HEX(input[i + 4]))&&(VALID_HEX(input[i + 5])) )
{
/* We make use of the lower byte here, ignoring the higher byte. */
*d++ = x2c(&input[i + 4]);
/* We first make use of the lower byte here, ignoring the higher byte. */
*d = x2c(&input[i + 4]);
/* Full width ASCII (ff01 - ff5e) needs 0x20 added */
if ( (*d > 0x00) && (*d < 0x5f)
&& ((input[i + 2] == 'f') || (input[i + 2] == 'F'))
&& ((input[i + 3] == 'f') || (input[i + 3] == 'F')))
{
*d += 0x20;
}
d++;
count++;
i += 6;
} else {