projects
/
privoxy.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
a912ba7
)
cgi_send_banner(): Overrule invalid image types
author
Fabian Keil
<fk@fabiankeil.de>
Sat, 6 Feb 2021 19:43:06 +0000
(20:43 +0100)
committer
Fabian Keil
<fk@fabiankeil.de>
Thu, 25 Feb 2021 14:05:22 +0000
(15:05 +0100)
Prevents a crash with a crafted CGI request if
Privoxy is toggled off.
OVE-
20210206
-0001.
Reported by: Joshua Rogers (Opera)
cgisimple.c
patch
|
blob
|
history
diff --git
a/cgisimple.c
b/cgisimple.c
index
fd47c6d
..
866ac26
100644
(file)
--- a/
cgisimple.c
+++ b/
cgisimple.c
@@
-542,6
+542,14
@@
jb_err cgi_send_banner(struct client_state *csp,
{
char imagetype = lookup(parameters, "type")[0];
+ if (imagetype != 'a' && imagetype != 'b' &&
+ imagetype != 'p' && imagetype != 't')
+ {
+ log_error(LOG_LEVEL_ERROR, "Overruling invalid image type '%c'.",
+ imagetype);
+ imagetype = 'p';
+ }
+
/*
* If type is auto, then determine the right thing
* to do from the set-image-blocker action
projects / privoxy.git / commitdiff