From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 6 Feb 2021 19:43:06 +0000 (+0100)
Subject: cgi_send_banner(): Overrule invalid image types
X-Git-Tag: v_3_0_32~12
X-Git-Url: http://www.privoxy.org/gitweb/@default-cgi@/faq/%22https:/user-manual/@default-cgi@send-banner?a=commitdiff_plain;h=e711c505c4830ab271938d61af90a2075523f058;p=privoxy.git

cgi_send_banner(): Overrule invalid image types

Prevents a crash with a crafted CGI request if
Privoxy is toggled off.

OVE-20210206-0001.

Reported by: Joshua Rogers (Opera)
---

diff --git a/cgisimple.c b/cgisimple.c
index fd47c6d0..866ac263 100644
--- a/cgisimple.c
+++ b/cgisimple.c
@@ -542,6 +542,14 @@ jb_err cgi_send_banner(struct client_state *csp,
 {
    char imagetype = lookup(parameters, "type")[0];
 
+   if (imagetype != 'a' && imagetype != 'b' &&
+       imagetype != 'p' && imagetype != 't')
+   {
+      log_error(LOG_LEVEL_ERROR, "Overruling invalid image type '%c'.",
+         imagetype);
+      imagetype = 'p';
+   }
+
    /*
     * If type is auto, then determine the right thing
     * to do from the set-image-blocker action
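Review bot: The new log_error() call prints the request-supplied byte with '%c' unfiltered, so a control character lands in the log verbatim, and an empty type parameter makes imagetype a NUL byte. Consider logging the value in hex (for example with "0x%02x" and a cast to unsigned char) or printing it only when it is printable. Any client can trigger this branch on every request, so LOG_LEVEL_ERROR may also be louder than intended for input that is now handled gracefully. A short comment naming what 'a', 'b', 'p' and 't' stand for, and why 'p' is the fallback, would help the next reader keep the allow-list in sync with the code below it.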