diff options
author | Sébastien Marie <semarie@users.noreply.github.com> | 2015-06-23 12:03:53 +0200 |
---|---|---|
committer | Sébastien Marie <semarie@users.noreply.github.com> | 2015-06-23 12:03:53 +0200 |
commit | 3873b23c53de31074d294d127077e691662150c2 (patch) | |
tree | e4192f889da259811fad4e4ab1a92620f1954116 /httpd | |
parent | a6ac783e163ccffbcd2d28627497a7bb31a9dd3b (diff) | |
download | httpd-3873b23c53de31074d294d127077e691662150c2.tar.gz httpd-3873b23c53de31074d294d127077e691662150c2.zip |
add a new control for repetitor items
- add a counter for limiting the search for repetitor items ('*', '+',
'-' and '?')
- add test case for this new kind of error
Diffstat (limited to 'httpd')
-rw-r--r-- | httpd/patterns.c | 7 | ||||
-rw-r--r-- | httpd/patterns.h | 1 |
2 files changed, 8 insertions, 0 deletions
diff --git a/httpd/patterns.c b/httpd/patterns.c index 1dbea15..62c8078 100644 --- a/httpd/patterns.c +++ b/httpd/patterns.c @@ -48,6 +48,7 @@ struct match_state { int matchdepth; /* control for recursive depth (to avoid C * stack overflow) */ + int repetitioncounter; /* control the repetition items */ int maxcaptures; /* configured capture limit */ const char *src_init; /* init of source string */ const char *src_end; /* end ('\0') of source string */ @@ -425,6 +426,11 @@ match(struct match_state *ms, const char *s, const char *p) /* does not match at least once? */ if (!singlematch(ms, s, p, ep)) { + if (ms->repetitioncounter-- == 0) { + match_error(ms, "max repetition items"); + s = NULL; /* fail */ + } else + /* accept empty? */ if (*ep == '*' || *ep == '?' || *ep == '-') { p = ep + 1; @@ -615,6 +621,7 @@ str_find_aux(struct match_state *ms, const char *pattern, const char *string, } ms->maxcaptures = (nsm > MAXCAPTURES ? MAXCAPTURES : nsm) - 1; ms->matchdepth = MAXCCALLS; + ms->repetitioncounter = MAXREPETITION; ms->src_init = s; ms->src_end = s + ls; ms->p_end = p + lp; diff --git a/httpd/patterns.h b/httpd/patterns.h index ddda0dd..6db5991 100644 --- a/httpd/patterns.h +++ b/httpd/patterns.h @@ -24,6 +24,7 @@ #define MAXCAPTURES 32 /* Max no. of allowed captures in pattern */ #define MAXCCALLS 200 /* Max recusion depth in pattern matching */ +#define MAXREPETITION 0xfffff /* Max for repetition items */ struct str_find { off_t sm_so; /* start offset of match */ |