On 05/31/2011 07:30 PM, Alex Rousskov wrote:
On Tue, 31 May 2011, Amos Jeffries wrote:
On 31/05/11 01:40, Tsantilas Christos wrote:
This is the third patch.
In this patch also solved a small buffer overread which exist in the
original httpHeaderParseQuotedString function. The loop:
while (
On Tue, 31 May 2011, Amos Jeffries wrote:
On 31/05/11 01:40, Tsantilas Christos wrote:
This is the third patch.
In this patch also solved a small buffer overread which exist in the
original httpHeaderParseQuotedString function. The loop:
while (end <= (start+len) && *end != '\\' && *end !=
On 31/05/11 01:40, Tsantilas Christos wrote:
This is the third patch.
In this patch also solved a small buffer overread which exist in the
original httpHeaderParseQuotedString function. The loop:
while (end <= (start+len) && *end != '\\' && *end != '\"' && *end > 0x1F
&& *end != 0x7F)
if (*end
This is the third patch.
In this patch also solved a small buffer overread which exist in the
original httpHeaderParseQuotedString function. The loop:
while (end <= (start+len) && *end != '\\' && *end != '\"' && *end >
0x1F && *end != 0x7F)
if (*end <= 0x1F || *end == 0x7F) {
...
allowe
On 27/05/11 23:21, Tsantilas Christos wrote:
Hi all,
Just trying to clarify what we want to implement at the end, because I
am confused. I am responsible for the confusion because I give two "(3)"
options, and I send buggy implementations for the "(1)" and the "second
(3)" option.
From what I
Hi all,
Just trying to clarify what we want to implement at the end, because I
am confused. I am responsible for the confusion because I give two "(3)"
options, and I send buggy implementations for the "(1)" and the "second
(3)" option.
From what I can understand, currently, we have the fo
On 05/26/2011 11:13 PM, Alex Rousskov wrote:
On 05/26/2011 10:20 AM, Amos Jeffries wrote:
Implementation:
while (*pos != '"'&& len> (pos-start)) {
+
+if (*pos =='\r') {
+pos ++;
+if (*(pos++) != '\n' || (*pos != ' '&& *pos != '\t')) {
Can the ab
On 05/26/2011 11:38 PM, Alex Rousskov wrote:
On 05/26/2011 10:23 AM, Tsantilas Christos wrote:
Can the above double increment lead to *pos pointing beyond the string
boundaries?
Yes it can, but we do not care because we do not modifying anything
but we are _reading_ those values. I guess the
On 05/26/2011 10:23 AM, Tsantilas Christos wrote:
>> Can the above double increment lead to *pos pointing beyond the string
>> boundaries?
>
> Yes it can, but we do not care because we do not modifying anything
but we are _reading_ those values. I guess there is an undocumented
assumption that th
On 05/26/2011 10:20 AM, Amos Jeffries wrote:
> while (end <= (start+len) && *end != '\\' && *end != '\"' && *end >
> 0x1F && *end != 0x7F)
> end++;
> -if (*end <= 0x1F || *end == 0x7F) {
> +if ((*end <= 0x1F && *end != '\r') || *end == 0x7F) {
>
On 05/26/2011 10:20 AM, Amos Jeffries wrote:
>>
>> Implementation:
>>
>>> while (*pos != '"'&& len> (pos-start)) {
>>> +
>>> +if (*pos =='\r') {
>>> +pos ++;
>>> +if (*(pos++) != '\n' || (*pos != ' '&& *pos != '\t')) {
>>
>> Can the above double increment l
On 05/26/2011 06:01 PM, Alex Rousskov wrote:
On 05/26/2011 06:14 AM, Amos Jeffries wrote:
On 26/05/11 19:02, Tsantilas Christos wrote:
On 05/26/2011 07:42 AM, Amos Jeffries wrote:
On Wed, 25 May 2011 20:07:13 +0300, Tsantilas Christos wrote:
The second patch does not look slower, but maybe we
On 27/05/11 03:01, Alex Rousskov wrote:
On 05/26/2011 06:14 AM, Amos Jeffries wrote:
On 26/05/11 19:02, Tsantilas Christos wrote:
On 05/26/2011 07:42 AM, Amos Jeffries wrote:
On Wed, 25 May 2011 20:07:13 +0300, Tsantilas Christos wrote:
The second patch does not look slower, but maybe we do n
On 05/26/2011 06:14 AM, Amos Jeffries wrote:
> On 26/05/11 19:02, Tsantilas Christos wrote:
>> On 05/26/2011 07:42 AM, Amos Jeffries wrote:
>>> On Wed, 25 May 2011 20:07:13 +0300, Tsantilas Christos wrote:
The second patch does not look slower, but maybe we do not want to be
strict for ma
On 26/05/11 19:02, Tsantilas Christos wrote:
On 05/26/2011 07:42 AM, Amos Jeffries wrote:
On Wed, 25 May 2011 20:07:13 +0300, Tsantilas Christos wrote:
Here are two patches the first implements the (1) and the second the
(3).
Attach?
oops!
Now attsached.
The second patch does not look sl
On 05/26/2011 07:42 AM, Amos Jeffries wrote:
On Wed, 25 May 2011 20:07:13 +0300, Tsantilas Christos wrote:
Here are two patches the first implements the (1) and the second the (3).
Attach?
oops!
Now attsached.
The second patch does not look slower, but maybe we do not want to be
strict fo
On Wed, 25 May 2011 20:07:13 +0300, Tsantilas Christos wrote:
Here are two patches the first implements the (1) and the second the
(3).
Attach?
The second patch does not look slower, but maybe we do not want to be
strict for many reasons. One reason is that this function used to
"Configurable
Here are two patches the first implements the (1) and the second the (3).
The second patch does not look slower, but maybe we do not want to be
strict for many reasons. One reason is that this function used to
"Configurable SSL error details messages" patch, to parse the "descr:"
and "detail:"
On 25/05/11 22:44, Tsantilas Christos wrote:
The quoted string fields parsing done in squid3 using the
httpHeaderParseQuotedString function (HttpHeaderTools.cc file)
I found that we do not support multiline quoted string fields, but
according the rfc2616 multiline quoted string fields should sup
The quoted string fields parsing done in squid3 using the
httpHeaderParseQuotedString function (HttpHeaderTools.cc file)
I found that we do not support multiline quoted string fields, but
according the rfc2616 multiline quoted string fields should supported:
quoted-string = ( <"> *(qdtext
20 matches
Mail list logo
