ESAPI-C 1.0
The OWASP Enterprise Security API for C
|
Codec module header. More...
Go to the source code of this file.
Data Structures | |
struct | codec |
A codec definition that includes the codec name and its encoder and decoder function pointers. More... | |
Functions | |
bool | hasNext (char *, int, char) |
char | next (const char *, int *, char *) |
char * | nonatohex (char c) |
Lookup the hex value of any character that is not alphanumeric. | |
void | codec_init () |
Initialize an array to mark which characters are to be encoded. | |
Variables | |
codec * | pcodec_unix |
A pointer to the global UNIX command shell codec definition. | |
codec * | pcodec_windows |
A pointer to the global Windows command shell codec definition. |
Codec module header.
The Codec module defines a set of functions for encoding and decoding application level encoding schemes, such as OS Command Shell escape encoding and Database interpreter escape encoding. Codecs are used in output encoding and canonicalization. Individual encoding schemes are implemented in separate modules and are accessed though function pointers in the global codec definition variables. The design of these codecs allows for character-by-character decoding, which is necessary to detect double-encoding and the use of multiple encoding schemes, both of which are techniques used by attackers to bypass validation and bury encoded attacks in data.
Definition in file codec.h.
void codec_init | ( | ) |
char* nonatohex | ( | char | c | ) |
Lookup the hex value of any character that is not alphanumeric.
c | The character to lookup. |
Definition at line 127 of file codec.c.
Referenced by encode_windows_char().