From 234f61a74e7ba4be512026d67d4ec9975b80632c Mon Sep 17 00:00:00 2001 From: Alex Dowad Date: Thu, 10 Apr 2014 22:08:00 +0200 Subject: squark-filter: correctly identify URLs which use .. Previously squark-filter could be tricked into passing forbidden URLs by using /../ in the path. This bug resulted from confusion about which way to shrink/grow "blob" buffers in when canonicalizing URLs. --- src/blob.h | 1 + 1 file changed, 1 insertion(+) (limited to 'src/blob.h') diff --git a/src/blob.h b/src/blob.h index c2a394e..ff137af 100644 --- a/src/blob.h +++ b/src/blob.h @@ -65,5 +65,6 @@ int blob_pull_inet_addr(blob_t *b, struct in_addr *saddr); blob_t blob_expand_head(blob_t *b, blob_t limits, unsigned char sep); blob_t blob_expand_tail(blob_t *b, blob_t limits, unsigned char sep); blob_t blob_shrink_tail(blob_t *b, blob_t limits, unsigned char sep); +void blob_expand_head_bytes(blob_t *b, int bytes); #endif -- cgit v1.2.3