From 7503c642379cec7a2e14fe6a516d69a1f4d6d94a Mon Sep 17 00:00:00 2001 From: oy Date: Thu, 12 Aug 2010 15:22:07 +0200 Subject: made unpacking of net strings more strict - prevents possible malformed output --- src/base/system.c | 19 +++++++++++++++++++ src/base/system.h | 32 ++++++++++++++++++++++++++++++-- 2 files changed, 49 insertions(+), 2 deletions(-) (limited to 'src/base') diff --git a/src/base/system.c b/src/base/system.c index 457b761a..84f732e7 100644 --- a/src/base/system.c +++ b/src/base/system.c @@ -1092,6 +1092,18 @@ void str_sanitize_strong(char *str_in) } } +/* makes sure that the string only contains the characters between 32 and 255 */ +void str_sanitize_cc(char *str_in) +{ + unsigned char *str = (unsigned char *)str_in; + while(*str) + { + if(*str < 32) + *str = ' '; + str++; + } +} + /* makes sure that the string only contains the characters between 32 and 255 + \r\n\t */ void str_sanitize(char *str_in) { @@ -1104,6 +1116,13 @@ void str_sanitize(char *str_in) } } +char *str_skip_whitespaces(char *str) +{ + while(*str && (*str == ' ' || *str == '\t' || *str == '\n' || *str == '\r')) + str++; + return str; +} + /* case */ int str_comp_nocase(const char *a, const char *b) { diff --git a/src/base/system.h b/src/base/system.h index 0850a08b..c49fbdad 100644 --- a/src/base/system.h +++ b/src/base/system.h @@ -731,10 +731,22 @@ void str_format(char *buffer, int buffer_size, const char *format, ...); */ void str_sanitize_strong(char *str); +/* + Function: str_sanitize_cc + Replaces all characters below 32 with whitespace. + + Parameters: + str - String to sanitize. + + Remarks: + - The strings are treated as zero-termineted strings. +*/ +void str_sanitize_cc(char *str); + /* Function: str_sanitize - Replaces all characters below 32 and above 127 with whitespace with - exception to \r, \n and \r. + Replaces all characters below 32 with whitespace with + exception to \t, \n and \r. Parameters: str - String to sanitize. @@ -744,6 +756,22 @@ void str_sanitize_strong(char *str); */ void str_sanitize(char *str); +/* + Function: str_skip_whitespaces + Skips leading whitespace characters(' ', '\t', '\n', '\r'). + + Parameters: + str - Pointer to the string. + + Returns: + Pointer to the first non-whitespace character found + within the string. + + Remarks: + - The strings are treated as zero-termineted strings. +*/ +char *str_skip_whitespaces(char *str); + /* Function: str_comp_nocase Compares to strings case insensitive. -- cgit 1.4.1