From: Fabian Keil Date: Sat, 6 Feb 2021 19:43:06 +0000 (+0100) Subject: cgi_send_banner(): Overrule invalid image types X-Git-Tag: v_3_0_32~12 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/developer-manual/man-page/static/@user-manual@startup.html?a=commitdiff_plain;h=e711c505c4830ab271938d61af90a2075523f058;p=privoxy.git cgi_send_banner(): Overrule invalid image types Prevents a crash with a crafted CGI request if Privoxy is toggled off. OVE-20210206-0001. Reported by: Joshua Rogers (Opera) --- diff --git a/cgisimple.c b/cgisimple.c index fd47c6d0..866ac263 100644 --- a/cgisimple.c +++ b/cgisimple.c @@ -542,6 +542,14 @@ jb_err cgi_send_banner(struct client_state *csp, { char imagetype = lookup(parameters, "type")[0]; + if (imagetype != 'a' && imagetype != 'b' && + imagetype != 'p' && imagetype != 't') + { + log_error(LOG_LEVEL_ERROR, "Overruling invalid image type '%c'.", + imagetype); + imagetype = 'p'; + } + /* * If type is auto, then determine the right thing * to do from the set-image-blocker action