parse_cgi_parameters(): Make sure the maximum number of segments is large enough

[privoxy.git] / cgi.c

diff --git a/cgi.c b/cgi.c
index 7518219..6c78806 100644 (file)
--- a/cgi.c
+++ b/cgi.c
@@ -457,7 +457,7 @@ static int referrer_is_safe(const struct client_state *csp)
       log_error(LOG_LEVEL_ERROR, "Denying access to %s. No referrer found.",
          csp->http->url);
    }
-   else if ((0 == strncmp(referrer, CGI_PREFIX, sizeof(CGI_PREFIX)-1))
+   else if ((0 == strncmp(referrer, CGI_PREFIX_HTTP, sizeof(CGI_PREFIX_HTTP)-1))
 #ifdef FEATURE_HTTPS_INSPECTION
          || (0 == strncmp(referrer, CGI_PREFIX_HTTPS, sizeof(CGI_PREFIX_HTTPS)-1))
          || (0 == strncmp(referrer, alt_prefix_https, strlen(alt_prefix_https)))
@@ -663,16 +663,7 @@ static struct map *parse_cgi_parameters(char *argstring)
     *      The same hack is used in get_last_url() so it looks like
     *      a real solution is needed.
     */
-   size_t max_segments = strlen(argstring) / 2;
-   if (max_segments == 0)
-   {
-      /*
-       * XXX: If the argstring is empty, there's really
-       *      no point in creating a param list, but currently
-       *      other parts of Privoxy depend on the list's existence.
-       */
-      max_segments = 1;
-   }
+   size_t max_segments = strlen(argstring) / 2 + 1;
    vector = malloc_or_die(max_segments * sizeof(char *));
 
    cgi_params = new_map();
@@ -1277,7 +1268,7 @@ jb_err cgi_error_unknown(const struct client_state *csp,
    static const char body_suffix[] =
       "</b></p>\n"
       "<p>Please "
-      "<a href=\"http://sourceforge.net/tracker/?group_id=11118&amp;atid=111118\">"
+      "<a href=\"https://sourceforge.net/p/ijbswa/bugs/\">"
       "file a bug report</a>.</p>\n"
       "</body>\n"
       "</html>\n";
@@ -2216,11 +2207,7 @@ struct map *default_exports(const struct client_state *csp, const char *caller)
    if (!err) err = map(exports, "homepage",      1, html_encode(HOME_PAGE_URL), 0);
    if (!err)
    {
-      err = map(exports, "default-cgi",   1, html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
-        client_use_ssl(csp) ? CGI_PREFIX_HTTPS :
-#endif
-        CGI_PREFIX), 0);
+      err = map(exports, "default-cgi",   1, html_encode(CGI_PREFIX), 0);
    }
    if (!err) err = map(exports, "menu",          1, make_menu(csp, caller), 0);
    if (!err) err = map(exports, "code-status",   1, CODE_STATUS, 1);
@@ -2235,11 +2222,7 @@ struct map *default_exports(const struct client_state *csp, const char *caller)
       /* Manual is delivered by Privoxy. */
       if (!err)
       {
-         err = map(exports, "user-manual", 1, html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
-           client_use_ssl(csp) ? CGI_PREFIX_HTTPS"user-manual/" :
-#endif
-           CGI_PREFIX"user-manual/"), 0);
+         err = map(exports, "user-manual", 1, html_encode(CGI_PREFIX"user-manual/"), 0);
       }
    }
    if (!err) err = map(exports, "actions-help-prefix", 1, ACTIONS_HELP_PREFIX ,1);
@@ -2457,11 +2440,7 @@ char *make_menu(const struct client_state *csp, const char *self)
           * the "blocked" template's JavaScript.
           */
          string_append(&result, "<li><a href=\"");
-         html_encoded_prefix = html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
-            client_use_ssl(csp) ? CGI_PREFIX_HTTPS :
-#endif
-            CGI_PREFIX);
+         html_encoded_prefix = html_encode(CGI_PREFIX);
          if (html_encoded_prefix == NULL)
          {
             return NULL;