commit 521ff6a11d535f61d28bce03c8fe1862c4b0236e
parent 2139527df7a43866de1c91ac040db890d0a03a86
Author: Joris Vink <joris@coders.se>
Date: Thu, 28 Jun 2018 15:39:03 +0200
catch more bad ranges in http_argument_urldecode()
Diffstat:
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/http.c b/src/http.c
@@ -853,10 +853,13 @@ http_argument_urldecode(char *arg)
h[3] = *(p + 2);
h[4] = '\0';
- v = kore_strtonum(h, 16, 0x20, 0x7e, &err);
+ v = kore_strtonum(h, 16, 0x0, 0xff, &err);
if (err != KORE_RESULT_OK)
return (err);
+ if (v <= 0x1f || v == 0x7f || (v >= 0x80 && v <= 0x9f))
+ return (KORE_RESULT_ERROR);
+
*in++ = (char)v;
p += 3;
}
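Review bot: The added `if` after `kore_strtonum()` filters single bytes as though they were Latin-1 code points, and with the new `0xff` upper bound it changes what the decoder emits: bytes 0xa0-0xff, which the old `0x20`-`0x7e` bounds refused, now reach `*in++ = (char)v` unvalidated, while 0x80-0x9f are refused even though they are legitimate UTF-8 continuation bytes. A percent-encoded UTF-8 sequence therefore decodes or fails depending on which continuation bytes it contains, and any caller that relied on decoded arguments being printable ASCII (an assumption about code outside this hunk) no longer has that guarantee. I would state the intended policy in a comment above the check, e.g. `/* Reject C0 controls (incl. NUL), DEL and C1; 0xa0-0xff pass through as raw bytes, not validated as UTF-8. */`, or keep the accepted range at ASCII if high bytes were not meant to be admitted. The enclosing function starts before and continues after this hunk, so how the decoded buffer is consumed is not visible here.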