From: Ben Laurie <ben@apache.org>
Date: Sat, 3 Jan 2004 16:31:32 +0000 (+0000)
Subject: Make forensic logging safe for POST data. The issue with strchr and NUL is
X-Git-Tag: pre_ajp_proxy~884
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9936f62aaa8fe19cdcbaa8872db475d86ed6aa48;p=apache

Make forensic logging safe for POST data. The issue with strchr and NUL is
a red herring.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102158 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/server/gen_test_char.c b/server/gen_test_char.c
index d37ba6d9b6..a247c3bfef 100644
--- a/server/gen_test_char.c
+++ b/server/gen_test_char.c
@@ -90,8 +90,7 @@ int main(int argc, char *argv[])
            "#define T_ESCAPE_LOGITEM       (%u)\n"
            "#define T_ESCAPE_FORENSIC      (%u)\n"
            "\n"
-           "static const unsigned char test_char_table[256] = {\n"
-           "    0,",
+           "static const unsigned char test_char_table[256] = {",
            T_ESCAPE_SHELL_CMD,
            T_ESCAPE_PATH_SEGMENT,
            T_OS_ESCAPE_PATH,
@@ -99,10 +98,7 @@ int main(int argc, char *argv[])
            T_ESCAPE_LOGITEM,
            T_ESCAPE_FORENSIC);
 
-    /* we explicitly dealt with NUL above
-     * in case some strchr() do bogosity with it */
-
-    for (c = 1; c < 256; ++c) {
+    for (c = 0; c < 256; ++c) {
         flags = 0;
         if (c % 20 == 0)
             printf("\n    ");
@@ -154,7 +150,7 @@ int main(int argc, char *argv[])
          * :, | (used as delimiters) and % (used for escaping).
          */
         if (!apr_isprint(c) || c == ':' || c == '|' || c == '%'
-            || apr_iscntrl(c)) {
+            || apr_iscntrl(c) || !c) {
             flags |= T_ESCAPE_FORENSIC;
         }