Anonymous | Login | Signup for a new account | 11-10-2008 11:06 PST |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0001022 | [BusyBox] Networking Support | minor | always | 09-06-06 04:24 | 11-29-06 07:59 | ||||
Reporter | Zombie | View Status | public | ||||||
Assigned To | BusyBox | ||||||||
Priority | normal | Resolution | fixed | ||||||
Status | closed | Product Version | 1.2.x | ||||||
Summary | 0001022: httpd -d returns incorrect result if URL contains %2f ('/') | ||||||||
Description |
Bug was introduced in revision 12978 (http://www.busybox.net/cgi-bin/viewcvs.cgi?rev=12978&view=rev). [^] + if(value1 == '/' || value1 == 0) + return orig+1; This returns one more than the string pointer provided as an argument. While this is used, presumably for a good reason, in the web server, this results in incorrect decoding when using "httpd -d" to URL-decode a string, i.e. the first character is dropped and translation is suspended. Can be reproduced like this: httpd -d 'http://foo.bar.net/cgi-bin/fubar?fubar=foo%2fbar%2cfu' [^] Returns: ttp://foo.bar.net/cgi-bin/fubar?fubar=foo%2fbar%2cfu [^] Should return: http://foo.bar.net/cgi-bin/fubar?fubar=foo/bar,fu [^] |
||||||||
Additional Information | |||||||||
Attached Files | |||||||||
|
Notes | |
(0001634) VEvgeniy 09-11-06 23:38 |
You have delete "value1 == '/' ||" string in httpd.c function decodeString. I have fine result! |
(0001837) vda 11-29-06 07:59 |
Fixed in rev 16721 |
Copyright © 2000 - 2006 Mantis Group |