diff options
| author | Lars Hjemli <larsh@hal-2004.(none)> | 2007-01-04 16:53:03 +0100 | 
|---|---|---|
| committer | Lars Hjemli <larsh@hal-2004.(none)> | 2007-01-04 16:57:00 +0100 | 
| commit | 52e605caf573fa20fdd4fbac5e1cc69b7740b1f5 (patch) | |
| tree | 62c7bfb147f93a850f430185961a89ee51b8470a | |
| parent | 05b13194b4b40a2614692125d5037ef20c5fb20e (diff) | |
Handle %xx encoding in querystring
Convert valid %xx expressions in querystring to ascii, ignore invalid
expressions (i.e. eat the three characters %xx).
Signed-off-by: Lars Hjemli <larsh@hal-2004.(none)>
| -rw-r--r-- | cgit.h | 2 | ||||
| -rw-r--r-- | parsing.c | 21 | ||||
| -rw-r--r-- | shared.c | 13 | 
3 files changed, 36 insertions, 0 deletions
| @@ -67,6 +67,8 @@ extern void cgit_global_config_cb(const char *name, const char *value);  extern void cgit_repo_config_cb(const char *name, const char *value);  extern void cgit_querystring_cb(const char *name, const char *value); +extern int hextoint(char c); +  extern void *cgit_free_commitinfo(struct commitinfo *info);  extern char *fmt(const char *format,...); @@ -79,6 +79,25 @@ int cgit_read_config(const char *filename, configfn fn)  	return ret;  } +char *convert_query_hexchar(char *txt) +{ +	int d1, d2; +	if (strlen(txt) < 3) { +		*txt = '\0'; +		return txt-1; +	} +	d1 = hextoint(*(txt+1)); +	d2 = hextoint(*(txt+2)); +	if (d1<0 || d2<0) { +		strcpy(txt, txt+3); +		return txt-1; +	} else { +		*txt = d1 * 16 + d2; +		strcpy(txt+1, txt+3); +		return txt; +	} +} +  int cgit_parse_query(char *txt, configfn fn)  {  	char *t, *value = NULL, c; @@ -94,6 +113,8 @@ int cgit_parse_query(char *txt, configfn fn)  			value = t+1;  		} else if (c=='+') {  			*t = ' '; +		} else if (c=='%') { +			t = convert_query_hexchar(t);  		} else if (c=='&') {  			*t = '\0';  			(*fn)(txt, value); @@ -113,3 +113,16 @@ void *cgit_free_commitinfo(struct commitinfo *info)  	free(info);  	return NULL;  } + +int hextoint(char c) +{ +	if (c >= 'a' && c <= 'f') +		return 10 + c - 'a'; +	else if (c >= 'A' && c <= 'F') +		return 10 + c - 'A'; +	else if (c >= '0' && c <= '9') +		return c - '0'; +	else +		return -1; +} + | 
