summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2019-06-06 01:49:38 -0400
committerGlenn Strauss <gstrauss@gluelogic.com>2019-06-06 02:48:43 -0400
commit1300815688497ed2a0b778db496cdec3e90e526a (patch)
tree149a03660bf4a637dc717c24f4e98cff26c88db6
parente20b5318d51f32b259c9edc8a16d919b139e6d10 (diff)
downloadlighttpd1.4-1300815688497ed2a0b778db496cdec3e90e526a.zip
lighttpd1.4-1300815688497ed2a0b778db496cdec3e90e526a.tar.gz
[core] use buffer_eq_icase_ssn func
specialized buffer_eq_icase_ssn func replace strncasecmp() in cases where string lengths are not known to be at least as large as the len being compared case-insensitively. (Separate commit in case any future changes modify the implementation to be unsafe for shorter strings, where strncasecmp() would stop at '\0' in either string)
-rw-r--r--src/mod_auth.c4
-rw-r--r--src/mod_authn_gssapi.c2
-rw-r--r--src/mod_authn_ldap.c2
-rw-r--r--src/mod_compress.c3
-rw-r--r--src/mod_vhostdb_ldap.c2
-rw-r--r--src/mod_webdav.c5
-rw-r--r--src/mod_wstunnel.c6
7 files changed, 11 insertions, 13 deletions
diff --git a/src/mod_auth.c b/src/mod_auth.c
index 90be727..e093ce5 100644
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@@ -560,7 +560,7 @@ static handler_t mod_auth_check_basic(server *srv, connection *con, void *p_d, c
return mod_auth_send_401_unauthorized_basic(srv, con, require->realm);
}
- if (0 != strncasecmp(b->ptr, "Basic ", sizeof("Basic ")-1)) {
+ if (!buffer_eq_icase_ssn(b->ptr, CONST_STR_LEN("Basic "))) {
return mod_auth_send_401_unauthorized_basic(srv, con, require->realm);
}
#ifdef __COVERITY__
@@ -951,7 +951,7 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d,
return mod_auth_send_401_unauthorized_digest(srv, con, require, 0);
}
- if (0 != strncasecmp(vb->ptr, "Digest ", sizeof("Digest ")-1)) {
+ if (!buffer_eq_icase_ssn(vb->ptr, CONST_STR_LEN("Digest "))) {
return mod_auth_send_401_unauthorized_digest(srv, con, require, 0);
} else {
size_t n = buffer_string_length(vb);
diff --git a/src/mod_authn_gssapi.c b/src/mod_authn_gssapi.c
index ef0c8bb..4439c3b 100644
--- a/src/mod_authn_gssapi.c
+++ b/src/mod_authn_gssapi.c
@@ -471,7 +471,7 @@ static handler_t mod_authn_gssapi_check (server *srv, connection *con, void *p_d
return mod_authn_gssapi_send_401_unauthorized_negotiate(con);
}
- if (0 != strncasecmp(vb->ptr, "Negotiate ", sizeof("Negotiate ")-1)) {
+ if (!buffer_eq_icase_ssn(vb->ptr, CONST_STR_LEN("Negotiate "))) {
return mod_authn_gssapi_send_400_bad_request(srv, con);
}
diff --git a/src/mod_authn_ldap.c b/src/mod_authn_ldap.c
index f95234b..d81303e 100644
--- a/src/mod_authn_ldap.c
+++ b/src/mod_authn_ldap.c
@@ -104,7 +104,7 @@ static void mod_authn_add_scheme (server *srv, buffer *host)
if (!buffer_string_is_empty(srv->tmp_buf))
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN(","));
for (j = 0; j < sizeof(schemes)/sizeof(char *); ++j) {
- if (0 == strncasecmp(b, schemes[j], strlen(schemes[j]))) {
+ if (buffer_eq_icase_ssn(b, schemes[j], strlen(schemes[j]))) {
break;
}
}
diff --git a/src/mod_compress.c b/src/mod_compress.c
index ec475d5..4bdfa30 100644
--- a/src/mod_compress.c
+++ b/src/mod_compress.c
@@ -15,7 +15,6 @@
#include <sys/types.h>
#include <sys/stat.h>
-#include "sys-strings.h"
#include <fcntl.h>
#include <unistd.h>
@@ -798,7 +797,7 @@ static int mod_compress_contains_encoding(const char *headervalue, const char *e
while (*m == ',' || *m == ' ' || *m == '\t') {
++m;
}
- if (0 == strncasecmp(m, encoding, len)) {
+ if (buffer_eq_icase_ssn(m, encoding, len)) {
/*(not a full HTTP field parse: not parsing for q-values and not handling q=0)*/
m += len;
if (*m == '\0' || *m == ',' || *m == ';' || *m == ' ' || *m == '\t')
diff --git a/src/mod_vhostdb_ldap.c b/src/mod_vhostdb_ldap.c
index 234c2ba..ba18874 100644
--- a/src/mod_vhostdb_ldap.c
+++ b/src/mod_vhostdb_ldap.c
@@ -68,7 +68,7 @@ static void mod_vhostdb_dbconf_add_scheme (server *srv, buffer *host)
if (!buffer_string_is_empty(srv->tmp_buf))
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN(","));
for (j = 0; j < sizeof(schemes)/sizeof(char *); ++j) {
- if (0 == strncasecmp(b, schemes[j], strlen(schemes[j]))) {
+ if (buffer_eq_icase_ssn(b, schemes[j], strlen(schemes[j]))) {
break;
}
}
diff --git a/src/mod_webdav.c b/src/mod_webdav.c
index 3990529..16f7417 100644
--- a/src/mod_webdav.c
+++ b/src/mod_webdav.c
@@ -171,7 +171,6 @@
#include <stdio.h> /* rename() */
#include <stdlib.h> /* strtol() */
#include <string.h>
-#include <strings.h> /* strncasecmp() */
#include <unistd.h> /* getpid() linkat() rmdir() unlinkat() */
#ifndef _D_EXACT_NAMLEN
@@ -5184,7 +5183,7 @@ mod_webdav_lock (connection * const con, const plugin_config * const pconf)
const char *p = h->ptr;
do {
if ((*p | 0x20) == 's'
- && 0 == strncasecmp(p, CONST_STR_LEN("second-"))) {
+ && buffer_eq_icase_ssn(p, CONST_STR_LEN("second-"))) {
long t = strtol(p+sizeof("second-")-1, NULL, 10);
if (0 < t && t < lockdata.timeout)
lockdata.timeout = t > 5 ? t : 5;
@@ -5200,7 +5199,7 @@ mod_webdav_lock (connection * const con, const plugin_config * const pconf)
}
#if 0
else if ((*p | 0x20) == 'i'
- && 0 == strncasecmp(p, CONST_STR_LEN("infinity"))) {
+ && buffer_eq_icase_ssn(p, CONST_STR_LEN("infinity"))) {
lockdata.timeout = INT32_MAX;
break;
}
diff --git a/src/mod_wstunnel.c b/src/mod_wstunnel.c
index f05daac..ed5174a 100644
--- a/src/mod_wstunnel.c
+++ b/src/mod_wstunnel.c
@@ -411,7 +411,7 @@ static int header_contains_token (buffer *b, const char *m, size_t mlen)
{
for (char *s = b->ptr; s; s = strchr(s, ',')) {
while (*s == ' ' || *s == '\t' || *s == ',') ++s;
- if (0 == strncasecmp(s, m, mlen)) {
+ if (buffer_eq_icase_ssn(s, m, mlen)) {
s += mlen;
if (*s == '\0' || *s == ' ' || *s == '\t' || *s == ',' || *s == ';')
return 1;
@@ -535,7 +535,7 @@ static handler_t wstunnel_handler_setup (server *srv, connection *con, plugin_da
if (NULL != vb) {
for (const char *s = vb->ptr; *s; ++s) {
while (*s==' '||*s=='\t'||*s=='\r'||*s=='\n') ++s;
- if (0 == strncasecmp(s, "binary", sizeof("binary")-1)) {
+ if (buffer_eq_icase_ssn(s, CONST_STR_LEN("binary"))) {
s += sizeof("binary")-1;
while (*s==' '||*s=='\t'||*s=='\r'||*s=='\n') ++s;
if (*s==','||*s=='\0') {
@@ -544,7 +544,7 @@ static handler_t wstunnel_handler_setup (server *srv, connection *con, plugin_da
break;
}
}
- else if (0 == strncasecmp(s, "base64", sizeof("base64")-1)) {
+ else if (buffer_eq_icase_ssn(s, CONST_STR_LEN("base64"))) {
s += sizeof("base64")-1;
while (*s==' '||*s=='\t'||*s=='\r'||*s=='\n') ++s;
if (*s==','||*s=='\0') {