Refuse null keys in evhttp_parse_query()

evhttp_parse_query() currently accepts empty keys, that don't make any
sense.

-Frank

[From sourceforge patch 2995183]
-Nick

diff --git a/http.c b/http.c
index c92f60fc40e6dbf065947df35e251fdd8ea996d1..53943c78943ee072386609529589903a6e87f384 100644 (file)
--- a/http.c
+++ b/http.c
@@ -2335,7 +2335,7 @@ evhttp_parse_query(const char *uri, struct evkeyvalq *headers)
 
                value = argument;
                key = strsep(&value, "=");
-               if (value == NULL)
+               if (value == NULL || *key == '\0')
                        goto error;
 
                if ((decoded_value = mm_malloc(strlen(value) + 1)) == NULL) {