diff options
author | Alex Dowad <alexinbeijing@gmail.com> | 2014-04-10 22:08:00 +0200 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2014-04-25 10:18:11 +0300 |
commit | 234f61a74e7ba4be512026d67d4ec9975b80632c (patch) | |
tree | fb2e323e08dff1fba6e1aacf29c00905c31278e3 /src/blob.h | |
parent | b7eac294771a72711208d288657a5667d65e8882 (diff) | |
download | squark-234f61a74e7ba4be512026d67d4ec9975b80632c.tar.bz2 squark-234f61a74e7ba4be512026d67d4ec9975b80632c.tar.xz |
squark-filter: correctly identify URLs which use ..
Previously squark-filter could be tricked into passing forbidden URLs
by using /../ in the path. This bug resulted from confusion about which
way to shrink/grow "blob" buffers in when canonicalizing URLs.
Diffstat (limited to 'src/blob.h')
-rw-r--r-- | src/blob.h | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -65,5 +65,6 @@ int blob_pull_inet_addr(blob_t *b, struct in_addr *saddr); blob_t blob_expand_head(blob_t *b, blob_t limits, unsigned char sep); blob_t blob_expand_tail(blob_t *b, blob_t limits, unsigned char sep); blob_t blob_shrink_tail(blob_t *b, blob_t limits, unsigned char sep); +void blob_expand_head_bytes(blob_t *b, int bytes); #endif |