View | Details | Raw Unified | Return to bug 48401
Collapse All | Expand All

(-)cache_storage.c (-12 / +43 lines)
Lines 503-523 Link Here
503
            /*
503
            /*
504
             * Check if the identifier is in the querystring and cut it out.
504
             * Check if the identifier is in the querystring and cut it out.
505
             */
505
             */
506
            if (querystring
506
            if (querystring) {
507
                && (param = strstr(querystring, *identifier))
507
                /*
508
                && (*(param + len) == '=')
508
                 * First check if the identifier is at the beginning of the
509
                ) {
509
                 * querystring and followed by a '='
510
                char *amp;
510
                 */
511
511
                if (!strncmp(querystring, *identifier, len)
512
                if (querystring != param) {
512
                    && (*(querystring + len) == '=')) {
513
                    querystring = apr_pstrndup(p, querystring,
513
                    param = querystring;
514
                                               param - querystring);
515
                }
514
                }
516
                else {
515
                else {
517
                    querystring = "";
516
                    char *complete;
517
518
                    /*
519
                     * In order to avoid subkey matching (PR 48401) prepend
520
                     * identifier with a '&' and append a '='
521
                     */
522
                    complete = apr_pstrcat(p, "&", *identifier, "=", NULL);
523
                    param = strstr(querystring, complete);
524
                    /* If we found something we are sitting on the '&' */
525
                    if (param) {
526
                        param++;
527
                    }
518
                }
528
                }
519
                if ((amp = strchr(param + len + 1, '&'))) {
529
                if (param) {
520
                    querystring = apr_pstrcat(p, querystring, amp + 1, NULL);
530
                    char *amp;
531
532
                    if (querystring != param) {
533
                        querystring = apr_pstrndup(p, querystring,
534
                                               param - querystring);
535
                    }
536
                    else {
537
                        querystring = "";
538
                    }
539
                    
540
                    if ((amp = strchr(param + len + 1, '&'))) {
541
                        querystring = apr_pstrcat(p, querystring, amp + 1, NULL);
542
                    }
543
                    else {
544
                        /* if querystring is not "", then the above codes
545
                         * guarantees that it ends with '&', remove the '&'.
546
                         */
547
                        if (*querystring) {
548
                            int qs_len_idx = strlen(querystring) - 1;
549
                            querystring[qs_len_idx] = '\0';
550
                        }
551
                    }
521
                }
552
                }
522
                break;
553
                break;
523
            }
554
            }

Return to bug 48401