Attachment #24723 for bug #48401

View | Details | Raw Unified | Return to bug 48401
Collapse All | Expand All




            /*
             * Check if the identifier is in the querystring and cut it out.
             */
            if (querystring) {
                /*
                 * First check if the identifier is at the beginning of the
                 * querystring and followed by a '='
                 */
                if (!strncmp(querystring, *identifier, len)
                    && (*(querystring + len) == '=')) {
                    param = querystring;
                                               param - querystring);
                }
                else {
                    char *complete;

                    /*
                     * In order to avoid subkey matching (PR 48401) prepend
                     * identifier with a '&' and append a '='
                     */
                    complete = apr_pstrcat(p, "&", *identifier, "=", NULL);
                    param = strstr(querystring, complete);
                    /* If we found something we are sitting on the '&' */
                    if (param) {
                        param++;
                    }
                }
                if (param) {
                    char *amp;


                    if (querystring != param) {
                        querystring = apr_pstrndup(p, querystring,
                                               param - querystring);
                    }
                    else {
                        querystring = "";
                    }
                    if ((amp = strchr(param + len + 1, '&'))) {
                        querystring = apr_pstrcat(p, querystring, amp + 1, NULL);
                    }
                    /* Check for a trailing '&' and remove it */
                    else {
                        int qs_len_idx;

                        qs_len_idx = strlen(querystring) - 1;
                        if (querystring[qs_len_idx] == '&') {
                            querystring[qs_len_idx] = '\0';
                        }
                    }
                }
                break;
            }

Return to bug 48401

Lines 503-523 Link Here

(-)modules/cache/cache_storage.c (-12 / +43 lines)
503	/*	503	/*
504	* Check if the identifier is in the querystring and cut it out.	504	* Check if the identifier is in the querystring and cut it out.
505	*/	505	*/
506	if (querystring	506	if (querystring) {
507	&& (param = strstr(querystring, *identifier))	507	/*
508	&& (*(param + len) == '=')	508	* First check if the identifier is at the beginning of the
509	) {	509	* querystring and followed by a '='
510	char *amp;	510	*/
511		511	if (!strncmp(querystring, *identifier, len)
512	if (querystring != param) {	512	&& (*(querystring + len) == '=')) {
513	querystring = apr_pstrndup(p, querystring,	513	param = querystring;
514	param - querystring);
515	}	514	}
516	else {	515	else {
517	querystring = "";	516	char *complete;
		517
		518	/*
		519	* In order to avoid subkey matching (PR 48401) prepend
		520	* identifier with a '&' and append a '='
		521	*/
		522	complete = apr_pstrcat(p, "&", *identifier, "=", NULL);
		523	param = strstr(querystring, complete);
		524	/* If we found something we are sitting on the '&' */
		525	if (param) {
		526	param++;
		527	}
518	}	528	}
519	if ((amp = strchr(param + len + 1, '&'))) {	529	if (param) {
520	querystring = apr_pstrcat(p, querystring, amp + 1, NULL);	530	char *amp;
		531
		532
		533	if (querystring != param) {
		534	querystring = apr_pstrndup(p, querystring,
		535	param - querystring);
		536	}
		537	else {
		538	querystring = "";
		539	}
		540	if ((amp = strchr(param + len + 1, '&'))) {
		541	querystring = apr_pstrcat(p, querystring, amp + 1, NULL);
		542	}
		543	/* Check for a trailing '&' and remove it */
		544	else {
		545	int qs_len_idx;
		546
		547	qs_len_idx = strlen(querystring) - 1;
		548	if (querystring[qs_len_idx] == '&') {
		549	querystring[qs_len_idx] = '\0';
		550	}
		551	}
521	}	552	}
522	break;	553	break;
523	}	554	}