[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r15551 - in libmicrohttpd: . src/daemon
From: |
gnunet |
Subject: |
[GNUnet-SVN] r15551 - in libmicrohttpd: . src/daemon |
Date: |
Sat, 11 Jun 2011 13:15:53 +0200 |
Author: grothoff
Date: 2011-06-11 13:15:53 +0200 (Sat, 11 Jun 2011)
New Revision: 15551
Modified:
libmicrohttpd/ChangeLog
libmicrohttpd/src/daemon/connection.c
libmicrohttpd/src/daemon/digestauth.c
libmicrohttpd/src/daemon/internal.c
Log:
fixing 1688
Modified: libmicrohttpd/ChangeLog
===================================================================
--- libmicrohttpd/ChangeLog 2011-06-10 15:39:28 UTC (rev 15550)
+++ libmicrohttpd/ChangeLog 2011-06-11 11:15:53 UTC (rev 15551)
@@ -1,3 +1,6 @@
+Sat Jun 11 13:05:12 CEST 2011
+ Replacing use of sscanf by strtoul (#1688). -CG/bplant
+
Fri Jun 3 15:26:42 CEST 2011
Adding MHD_CONNECTION_INFO_DAEMON to obtain MHD_Daemon
responsible for a given connection. -CG
Modified: libmicrohttpd/src/daemon/connection.c
===================================================================
--- libmicrohttpd/src/daemon/connection.c 2011-06-10 15:39:28 UTC (rev
15550)
+++ libmicrohttpd/src/daemon/connection.c 2011-06-11 11:15:53 UTC (rev
15551)
@@ -26,6 +26,7 @@
*/
#include "internal.h"
+#include <limits.h>
#include "connection.h"
#include "memorypool.h"
#include "response.h"
@@ -1252,6 +1253,7 @@
int instant_retry;
int malformed;
char *buffer_head;
+ char *end;
if (connection->response != NULL)
return; /* already queued a response */
@@ -1326,11 +1328,8 @@
if (!malformed)
{
buffer_head[i] = '\0';
- malformed =
- (1 != SSCANF (buffer_head, "%X",
- &connection->current_chunk_size)) &&
- (1 != SSCANF (buffer_head, "%x",
- &connection->current_chunk_size));
+ connection->current_chunk_size = strtoul (buffer_head, &end,
16);
+ malformed = ('\0' != *end);
}
if (malformed)
{
@@ -1655,6 +1654,7 @@
unsigned MHD_LONG_LONG cval;
struct MHD_Response *response;
const char *enc;
+ char *end;
parse_cookie_header (connection);
if ((0 != (MHD_USE_PEDANTIC_CHECKS & connection->daemon->options))
@@ -1687,7 +1687,9 @@
MHD_HTTP_HEADER_CONTENT_LENGTH);
if (clen != NULL)
{
- if (1 != SSCANF (clen, "%" MHD_LONG_LONG_PRINTF "u", &cval))
+ cval = strtoul (clen, &end, 10);
+ if ( ('\0' != *end) ||
+ ( (LONG_MAX == cval) && (errno == ERANGE) ) )
{
#if HAVE_MESSAGES
MHD_DLOG (connection->daemon,
Modified: libmicrohttpd/src/daemon/digestauth.c
===================================================================
--- libmicrohttpd/src/daemon/digestauth.c 2011-06-10 15:39:28 UTC (rev
15550)
+++ libmicrohttpd/src/daemon/digestauth.c 2011-06-11 11:15:53 UTC (rev
15551)
@@ -25,6 +25,7 @@
*/
#include "platform.h"
+#include <limits.h>
#include "internal.h"
#include "md5.h"
#include "base64.h"
@@ -447,6 +448,7 @@
{
size_t len;
const char *header;
+ char *end;
char nonce[MAX_NONCE_LENGTH];
char cnonce[MAX_NONCE_LENGTH];
char qop[15]; /* auth,auth-int */
@@ -544,9 +546,12 @@
( (0 != strcmp (qop, "auth")) &&
(0 != strcmp (qop, "")) ) ||
(0 == lookup_sub_value(nc, sizeof (nc), header, "nc")) ||
- (1 != sscanf (nc, "%u", &nci)) ||
(0 == lookup_sub_value(response, sizeof (response), header,
"response")) )
return MHD_NO;
+ nci = strtoul (nc, &end, 10);
+ if ( ('\0' != *end) ||
+ ( (LONG_MAX == nci) && (errno == ERANGE) ) )
+ return MHD_NO; /* invalid nonce */
/*
* Checking if that combination of nonce and nc is sound
Modified: libmicrohttpd/src/daemon/internal.c
===================================================================
--- libmicrohttpd/src/daemon/internal.c 2011-06-10 15:39:28 UTC (rev 15550)
+++ libmicrohttpd/src/daemon/internal.c 2011-06-11 11:15:53 UTC (rev 15551)
@@ -121,7 +121,9 @@
{
char *rpos = val;
char *wpos = val;
+ char *end;
unsigned int num;
+ char buf3[3];
while ('\0' != *rpos)
{
@@ -133,10 +135,11 @@
rpos++;
break;
case '%':
- if ( (1 == SSCANF (&rpos[1],
- "%2x", &num)) ||
- (1 == SSCANF (&rpos[1],
- "%2X", &num)) )
+ buf3[0] = rpos[1];
+ buf3[1] = rpos[2];
+ buf3[2] = '\0';
+ num = strtoul (buf3, &end, 16);
+ if ('\0' == *end)
{
*wpos = (unsigned char) num;
wpos++;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r15551 - in libmicrohttpd: . src/daemon,
gnunet <=