summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan2010-02-21 13:02:30 +0100
committerStefan2010-02-21 13:02:30 +0100
commit53fc7e8928ab98f2290e65fc0e61a577c8725d9f (patch)
treeb1736e872f76c780b1dbfbc4ce1fd7369e0776c8
parentd79be08743e0e6746406718d56c0c0b15490b50e (diff)
Added the line ending characters 0x0a and 0x0d to the server.encode/server.strip protection
Diffstat
-rw-r--r--Changelog3
-rw-r--r--ifilter.c2
2 files changed, 3 insertions, 2 deletions
diff --git a/Changelog b/Changelog
index b6d2798..24208c6 100644
--- a/Changelog
+++ b/Changelog
@@ -1,6 +1,7 @@
12010-xx-xx - 0.9.30-dev 12010-xx-xx - 0.9.30-dev
2 2
3 - ... 3 - Added line ending characters %0a and %0d to the list of dangerous characters handled
4 by suhosin.server.encode and suhosin.server.strip
4 5
52009-08-15 - 0.9.29 62009-08-15 - 0.9.29
6 7
diff --git a/ifilter.c b/ifilter.c
index 38f97a5..d635ba3 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -118,7 +118,7 @@ void normalize_varname(char *varname)
118static unsigned char suhosin_hexchars[] = "0123456789ABCDEF"; 118static unsigned char suhosin_hexchars[] = "0123456789ABCDEF";
119 119
120static const char suhosin_is_dangerous_char[256] = { 120static const char suhosin_is_dangerous_char[256] = {
121 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 121 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0,
122 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 122 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
123 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 123 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0,
124 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 124 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0,