Synced with the stable branch:

    Revision 1.58.2.2  2002/08/01 17:18:28  oes
    Fixed BR 537651 / SR 579724 (MSIE image detect improper for IE/Mac)

    Revision 1.58.2.1  2002/07/26 15:18:53  oes
    - Bugfix: Executing a filters without jobs no longer results in
      turing off *all* filters.
    - Security fix: Malicious web servers can't cause a seg fault
      through bogus chunk sizes anymore

diff --git a/src/filters.c b/src/filters.c
index 9dd36b9..3c7265b 100644 (file)
--- a/src/filters.c
+++ b/src/filters.c
@@ -1,7 +1,7 @@
-const char filters_rcs[] = "$Id: filters.c,v 2.0 2002/06/04 14:34:21 jongfoster Exp $";
+const char filters_rcs[] = "$Id: filters.c,v 2.1 2002/08/26 11:08:18 sarantis Exp $";
 /*********************************************************************
  *
- * File        :  $Source: /cvsroot/ijbswa/current/src/filters.c,v $
+ * File        :  $Source: /cvsroot/ijbswa//current/src/filters.c,v $
  *
  * Purpose     :  Declares functions to parse/crunch headers and pages.
  *                Functions declared include:
@@ -38,6 +38,9 @@ const char filters_rcs[] = "$Id: filters.c,v 2.0 2002/06/04 14:34:21 jongfoster
  *
  * Revisions   :
  *    $Log: filters.c,v $
+ *    Revision 2.1  2002/08/26 11:08:18  sarantis
+ *    Fix typo.
+ *
  *    Revision 2.0  2002/06/04 14:34:21  jongfoster
  *    Moving source files to src/
  *
@@ -1081,8 +1084,9 @@ struct http_response *redirect_url(struct client_state *csp)
  *
  * Description :  Given a URL, decide whether it is an image or not,
  *                using either the info from a previous +image action
- *                or, #ifdef FEATURE_IMAGE_DETECT_MSIE, the info from
- *                the browser's accept header.
+ *                or, #ifdef FEATURE_IMAGE_DETECT_MSIE, and the browser
+ *                is MSIE and not on a Mac, tell from the browser's accept
+ *                header.
  *
  * Parameters  :
  *          1  :  csp = Current client state (buffers, headers, etc...)
@@ -1097,7 +1101,7 @@ int is_imageurl(struct client_state *csp)
    char *tmp;
 
    tmp = get_header_value(csp->headers, "User-Agent:");
-   if (tmp && strstr(tmp, "MSIE"))
+   if (tmp && strstr(tmp, "MSIE") && !strstr(tmp, "Mac_"))
    {
       tmp = get_header_value(csp->headers, "Accept:");
       if (tmp && strstr(tmp, "image/gif"))
@@ -1318,7 +1322,7 @@ char *pcrs_filter_response(struct client_state *csp)
             if ( NULL == b->joblist )
             {
                log_error(LOG_LEVEL_RE_FILTER, "Filter %s has empty joblist. Nothing to do.", b->name);
-               return(NULL);
+               continue;
             }
 
             log_error(LOG_LEVEL_RE_FILTER, "re_filtering %s%s (size %d) with filter %s...",
@@ -1469,7 +1473,12 @@ int remove_chunked_transfer_coding(char *buffer, const size_t size)
          log_error(LOG_LEVEL_ERROR, "Parse error while stripping \"chunked\" transfer coding");
          return(0);
       }
-      newsize += chunksize;
+
+      if ((newsize += chunksize) >= size)
+      {
+         log_error(LOG_LEVEL_ERROR, "Chunksize exceeds buffer in  \"chunked\" transfer coding");
+         return(0);
+      }
       from_p += 2;
 
       memmove(to_p, from_p, (size_t) chunksize);