Show
Ignore:
Timestamp:
21.09.2010 18:45:17 (9 years ago)
Author:
ak19
Message:

For ticket no 712. Fixes to 2 related crashes that occurred when using a combination of advanced (server.exe and library.cgi depending on which web server was used): 1. When parsing cgi args, arrays stem and fold contained the URL encodings percent-2-C rather than commas for delimiters and weren't split properly resulting in arrays of unexpected lengths (and values). Need to decode the percent-2-C to commas by calling decode_commas() in cgiutils.cpp before splitting. 2. decode_commas in cgiutils.cpp was performing an illegal iterator operation by attempting to peek PAST the end of the iterator which doesn't seem to be allowed by the STL code. When the iteration really got past the end, the iteration operation causes a problem resulting in a server.exe crash of its own.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/runtime-src/src/recpt/cgiutils.cpp

    r22796 r22934  
    412412  text_t::const_iterator end = intext.end (); 
    413413   
    414   while (here != end) { 
    415     if ((here+2<end) && *here == '%' && *(here+1) == '2' && 
    416     (*(here+2) == 'C' || *(here+2) == 'c')) { 
     414  /*while (here != end) { 
     415    if (((here+2)<end) && *here == '%' && *(here+1) == '2' 
     416        && (*(here+2) == 'C' || *(here+2) == 'c')) { 
    417417      here += 2; 
    418418      outtext.push_back(','); 
     
    421421    ++here; 
    422422  } 
     423  return outtext;*/ 
     424 
     425  // iterators do not allow a forward increment/peek that goes past  
     426  // iterator's end: tests like (here+2 <end) above cause errors if  
     427  // the result ends up being > end. So have to test one character  
     428  // at a time, since tests like (here != end) *are* allowed: 
     429 
     430  while (here != end) { // look for "%2C" to replace with "," 
     431     if(*here == '%') { 
     432         ++here; 
     433         if(here != end && *here == '2') { 
     434            ++here; 
     435            if(here != end && (*here == 'C' || *here == 'c')) { 
     436                outtext.push_back(','); 
     437            } else { 
     438                here -= 2; 
     439                outtext.push_back (*here); 
     440            } 
     441         } else { // go back to % char and push it back 
     442            --here; 
     443            outtext.push_back (*here); 
     444         }       
     445     } else { 
     446        outtext.push_back (*here); 
     447     } 
     448 
     449     ++here; 
     450  } // end while 
    423451  return outtext; 
    424452}