crtxcr
/
cgitsb
1
0
Fork 0
程式碼 問題 合併請求 版本發布 Wiki 動態

html.c: avoid out-of-bounds access for url_escape_table 

This fixes a segfault for me with with -O2 optimization on x86
with gcc (Debian 4.4.5-8) 4.4.5

I can reliably reproduce it with the following parameters
when pointed to the git.git repository:

PATH_INFO='/git-core.git/diff/'
QUERY_STRING='id=2b93bfac0f5bcabbf60f174f4e7bfa9e318e64d5&id2=d6da71a9d16b8cf27f9d8f90692d3625c849cbc8'

Signed-off-by: Eric Wong <normalperson@yhbt.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
Eric Wong 2011-07-21 03:24:54 +00:00 提交者 Lars Hjemli
父節點 877ff68100
當前提交 9cae75d040
共有 1 個檔案被更改,包括 2 行新增2 行删除
顯示統計資料 下載 Patch 檔 下載差異檔 展開所有檔案 折疊所有檔案

4
html.c
查看文件

@ -162,7 +162,7 @@ void html_url_path(const char *txt)
{
const char *t = txt;
while(t && *t){
int c = *t;
unsigned char c = *t;
const char *e = url_escape_table[c];
if (e && c!='+' && c!='&') {
html_raw(txt, t - txt);
@ -179,7 +179,7 @@ void html_url_arg(const char *txt)
{
const char *t = txt;
while(t && *t){
int c = *t;
unsigned char c = *t;
const char *e = url_escape_table[c];
if (c == ' ')
e = "+";