Browse Source

[mod_ssi] fix SSI statement parser

bug introduced in 8e3c6bf7 when statement parser was replaced
personal/stbuehler/mod-csrf-old
Glenn Strauss 6 years ago
parent
commit
df146a7724
  1. 5
      src/mod_ssi.c
  2. 2
      tests/docroot/www/ssi-include.shtml
  3. 1
      tests/docroot/www/ssi-include.txt
  4. 12
      tests/mod-ssi.t

5
src/mod_ssi.c

@ -1055,6 +1055,7 @@ static int mod_ssi_stmt_len(const char *s, const int len) {
break;
case '-':
if (!sq && !dq && n+2 < len && s[n+1] == '-' && s[n+2] == '>') return n+3; /* found end of stmt */
break;
case '"':
if (!sq && (!dq || !bs)) dq = !dq; break;
case '\'':
@ -1078,7 +1079,7 @@ static void mod_ssi_read_fd(server *srv, connection *con, plugin_data *p, int fd
size_t prelen = 0, len;
offset += (size_t)rd;
for (; (s = memchr(buf+prelen, '<', offset-prelen)); ++prelen) {
prelen = buf - s;
prelen = s - buf;
if (prelen + 5 <= offset) { /*("<!--#" is 5 chars)*/
if (0 != memcmp(s+1, CONST_STR_LEN("!--#"))) continue; /* loop to loop for next '<' */
@ -1090,7 +1091,7 @@ static void mod_ssi_read_fd(server *srv, connection *con, plugin_data *p, int fd
if (len) { /* num of chars to be consumed */
mod_ssi_parse_ssi_stmt(srv, con, p, buf+prelen, len, st);
prelen += (len - 1); /* offset to '>' at end of SSI directive; incremented at top of loop */
pretag += len;
pretag = prelen + 1;
if (pretag == offset) {
offset = pretag = 0;
break;

2
tests/docroot/www/ssi-include.shtml

@ -0,0 +1,2 @@
<!--#include virtual="ssi-include.txt" -->
<!--#include file="ssi-include.txt" -->

1
tests/docroot/www/ssi-include.txt

@ -0,0 +1 @@
ssi-include

12
tests/mod-ssi.t

@ -8,7 +8,7 @@ BEGIN {
use strict;
use IO::Socket;
use Test::More tests => 4;
use Test::More tests => 5;
use LightyTest;
my $tf = LightyTest->new();
@ -16,8 +16,6 @@ my $t;
ok($tf->start_proc == 0, "Starting lighttpd") or die();
# mod-cgi
#
$t->{REQUEST} = ( <<EOF
GET /ssi.shtml HTTP/1.0
EOF
@ -35,5 +33,13 @@ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-
ok($tf->handle_http($t) == 0, 'ssi - echo ');
$t->{REQUEST} = ( <<EOF
GET /ssi-include.shtml HTTP/1.0
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => "ssi-include\n\nssi-include\n\n" } ];
ok($tf->handle_http($t) == 0, 'ssi - include');
ok($tf->stop_proc == 0, "Stopping lighttpd");

Loading…
Cancel
Save