Browse Source

[core] use buffer_eq_icase_ssn func

specialized buffer_eq_icase_ssn func replace strncasecmp()
in cases where string lengths are not known to be at least
as large as the len being compared case-insensitively.
(Separate commit in case any future changes modify the
implementation to be unsafe for shorter strings, where
strncasecmp() would stop at '\0' in either string)
personal/stbuehler/ci-build
Glenn Strauss 3 years ago
parent
commit
1300815688
  1. 4
      src/mod_auth.c
  2. 2
      src/mod_authn_gssapi.c
  3. 2
      src/mod_authn_ldap.c
  4. 3
      src/mod_compress.c
  5. 2
      src/mod_vhostdb_ldap.c
  6. 5
      src/mod_webdav.c
  7. 6
      src/mod_wstunnel.c

4
src/mod_auth.c

@ -560,7 +560,7 @@ static handler_t mod_auth_check_basic(server *srv, connection *con, void *p_d, c
return mod_auth_send_401_unauthorized_basic(srv, con, require->realm);
}
if (0 != strncasecmp(b->ptr, "Basic ", sizeof("Basic ")-1)) {
if (!buffer_eq_icase_ssn(b->ptr, CONST_STR_LEN("Basic "))) {
return mod_auth_send_401_unauthorized_basic(srv, con, require->realm);
}
#ifdef __COVERITY__
@ -951,7 +951,7 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d,
return mod_auth_send_401_unauthorized_digest(srv, con, require, 0);
}
if (0 != strncasecmp(vb->ptr, "Digest ", sizeof("Digest ")-1)) {
if (!buffer_eq_icase_ssn(vb->ptr, CONST_STR_LEN("Digest "))) {
return mod_auth_send_401_unauthorized_digest(srv, con, require, 0);
} else {
size_t n = buffer_string_length(vb);

2
src/mod_authn_gssapi.c

@ -471,7 +471,7 @@ static handler_t mod_authn_gssapi_check (server *srv, connection *con, void *p_d
return mod_authn_gssapi_send_401_unauthorized_negotiate(con);
}
if (0 != strncasecmp(vb->ptr, "Negotiate ", sizeof("Negotiate ")-1)) {
if (!buffer_eq_icase_ssn(vb->ptr, CONST_STR_LEN("Negotiate "))) {
return mod_authn_gssapi_send_400_bad_request(srv, con);
}

2
src/mod_authn_ldap.c

@ -104,7 +104,7 @@ static void mod_authn_add_scheme (server *srv, buffer *host)
if (!buffer_string_is_empty(srv->tmp_buf))
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN(","));
for (j = 0; j < sizeof(schemes)/sizeof(char *); ++j) {
if (0 == strncasecmp(b, schemes[j], strlen(schemes[j]))) {
if (buffer_eq_icase_ssn(b, schemes[j], strlen(schemes[j]))) {
break;
}
}

3
src/mod_compress.c

@ -15,7 +15,6 @@
#include <sys/types.h>
#include <sys/stat.h>
#include "sys-strings.h"
#include <fcntl.h>
#include <unistd.h>
@ -798,7 +797,7 @@ static int mod_compress_contains_encoding(const char *headervalue, const char *e
while (*m == ',' || *m == ' ' || *m == '\t') {
++m;
}
if (0 == strncasecmp(m, encoding, len)) {
if (buffer_eq_icase_ssn(m, encoding, len)) {
/*(not a full HTTP field parse: not parsing for q-values and not handling q=0)*/
m += len;
if (*m == '\0' || *m == ',' || *m == ';' || *m == ' ' || *m == '\t')

2
src/mod_vhostdb_ldap.c

@ -68,7 +68,7 @@ static void mod_vhostdb_dbconf_add_scheme (server *srv, buffer *host)
if (!buffer_string_is_empty(srv->tmp_buf))
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN(","));
for (j = 0; j < sizeof(schemes)/sizeof(char *); ++j) {
if (0 == strncasecmp(b, schemes[j], strlen(schemes[j]))) {
if (buffer_eq_icase_ssn(b, schemes[j], strlen(schemes[j]))) {
break;
}
}

5
src/mod_webdav.c

@ -171,7 +171,6 @@
#include <stdio.h> /* rename() */
#include <stdlib.h> /* strtol() */
#include <string.h>
#include <strings.h> /* strncasecmp() */
#include <unistd.h> /* getpid() linkat() rmdir() unlinkat() */
#ifndef _D_EXACT_NAMLEN
@ -5184,7 +5183,7 @@ mod_webdav_lock (connection * const con, const plugin_config * const pconf)
const char *p = h->ptr;
do {
if ((*p | 0x20) == 's'
&& 0 == strncasecmp(p, CONST_STR_LEN("second-"))) {
&& buffer_eq_icase_ssn(p, CONST_STR_LEN("second-"))) {
long t = strtol(p+sizeof("second-")-1, NULL, 10);
if (0 < t && t < lockdata.timeout)
lockdata.timeout = t > 5 ? t : 5;
@ -5200,7 +5199,7 @@ mod_webdav_lock (connection * const con, const plugin_config * const pconf)
}
#if 0
else if ((*p | 0x20) == 'i'
&& 0 == strncasecmp(p, CONST_STR_LEN("infinity"))) {
&& buffer_eq_icase_ssn(p, CONST_STR_LEN("infinity"))) {
lockdata.timeout = INT32_MAX;
break;
}

6
src/mod_wstunnel.c

@ -411,7 +411,7 @@ static int header_contains_token (buffer *b, const char *m, size_t mlen)
{
for (char *s = b->ptr; s; s = strchr(s, ',')) {
while (*s == ' ' || *s == '\t' || *s == ',') ++s;
if (0 == strncasecmp(s, m, mlen)) {
if (buffer_eq_icase_ssn(s, m, mlen)) {
s += mlen;
if (*s == '\0' || *s == ' ' || *s == '\t' || *s == ',' || *s == ';')
return 1;
@ -535,7 +535,7 @@ static handler_t wstunnel_handler_setup (server *srv, connection *con, plugin_da
if (NULL != vb) {
for (const char *s = vb->ptr; *s; ++s) {
while (*s==' '||*s=='\t'||*s=='\r'||*s=='\n') ++s;
if (0 == strncasecmp(s, "binary", sizeof("binary")-1)) {
if (buffer_eq_icase_ssn(s, CONST_STR_LEN("binary"))) {
s += sizeof("binary")-1;
while (*s==' '||*s=='\t'||*s=='\r'||*s=='\n') ++s;
if (*s==','||*s=='\0') {
@ -544,7 +544,7 @@ static handler_t wstunnel_handler_setup (server *srv, connection *con, plugin_da
break;
}
}
else if (0 == strncasecmp(s, "base64", sizeof("base64")-1)) {
else if (buffer_eq_icase_ssn(s, CONST_STR_LEN("base64"))) {
s += sizeof("base64")-1;
while (*s==' '||*s=='\t'||*s=='\r'||*s=='\n') ++s;
if (*s==','||*s=='\0') {

Loading…
Cancel
Save