BusyBox Bug and Patch Tracking
BusyBox
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0001022 [BusyBox] Networking Support minor always 09-06-06 04:24 11-29-06 07:59
Reporter Zombie View Status public  
Assigned To BusyBox
Priority normal Resolution fixed  
Status closed   Product Version 1.2.x
Summary 0001022: httpd -d returns incorrect result if URL contains %2f ('/')
Description Bug was introduced in revision 12978 (http://www.busybox.net/cgi-bin/viewcvs.cgi?rev=12978&view=rev). [^]

+ if(value1 == '/' || value1 == 0)
+ return orig+1;

This returns one more than the string pointer provided as an argument. While this is used, presumably for a good reason, in the web server, this results in incorrect decoding when using "httpd -d" to URL-decode a string, i.e. the first character is dropped and translation is suspended.

Can be reproduced like this:
 httpd -d 'http://foo.bar.net/cgi-bin/fubar?fubar=foo%2fbar%2cfu' [^]
Returns:
 ttp://foo.bar.net/cgi-bin/fubar?fubar=foo%2fbar%2cfu [^]
Should return:
 http://foo.bar.net/cgi-bin/fubar?fubar=foo/bar,fu [^]
Additional Information
Attached Files

- Relationships

- Notes
(0001634)
VEvgeniy
09-11-06 23:38

You have delete "value1 == '/' ||" string in httpd.c function decodeString.
I have fine result!
 
(0001837)
vda
11-29-06 07:59

Fixed in rev 16721
 

- Issue History
Date Modified Username Field Change
09-06-06 04:24 Zombie New Issue
09-06-06 04:24 Zombie Status new => assigned
09-06-06 04:24 Zombie Assigned To  => BusyBox
09-11-06 23:38 VEvgeniy Note Added: 0001634
11-29-06 07:59 vda Status assigned => closed
11-29-06 07:59 vda Note Added: 0001837
11-29-06 07:59 vda Resolution open => fixed
11-29-06 07:59 vda Fixed in Version  => 1.2.x


Copyright © 2000 - 2006 Mantis Group
Powered by Mantis Bugtracker