Commits
Commit:
4842c72d9f3f45478cb641e15a3272e541fb8a18
From:
Omar Polo <op@omarpolo.com>
Date:
Mon Oct 18 10:05:55 2021 UTC
fmt
Commit:
fa0299a26d6e0cc83135a7f46e74710a9d5a8efa
From:
Omar Polo <op@omarpolo.com>
Date:
Sat Oct 2 17:20:56 2021 UTC
drop now unused trim_req_iri
Commit:
e15fc9573666054bdff5feecf8b2b130ca00cc76
From:
Omar Polo <op@omarpolo.com>
Date:
Fri Sep 24 08:12:40 2021 UTC
change struct initialization makes more explicit which fields we're setting. (and kill an extra empty line)
Commit:
df0c2926ccb753d07a3f20f3626a20f7079453ee
From:
Omar Polo <op@omarpolo.com>
Date:
Fri Sep 24 08:08:49 2021 UTC
use memset(3) rather than bzero(3) There's no difference, but bzero(3) says STANDARDS The bzero() function conforms to the X/Open System Interfaces option of the IEEE Std 1003.1-2004 (“POSIX.1”) specification. It was removed from the standard in IEEE Std 1003.1-2008 (“POSIX.1”), which recommends using memset(3) instead. so here we are.
Commit:
a8a1f439210de9538b196c6bb5470c306379128c
From:
Omar Polo <op@omarpolo.com>
Date:
Wed Jul 7 09:46:37 2021 UTC
style(9)-ify
Commit:
80fbf1e934ed1e2dafea65e88bb91a501f175a3b
From:
Omar Polo <op@omarpolo.com>
Date:
Wed Jun 16 15:04:42 2021 UTC
make sure l is always initialized I can't think of cases where we reach serialize_iri and path is NULL, but let's keep the safe side and initialize l. gcc 8 found this, clang didn't.
Commit:
9d092b607a25f4598557792be5ec35f02c3ae966
From:
Omar Polo <op@omarpolo.com>
Date:
Mon Apr 12 20:11:47 2021 UTC
fix IRI-parsing bug Some particularly crafted IRIs can cause a denial of service (DOS). IRIs which have a trailing `..' segment and resolve to a valid IRI (i.e. a .. that's not escaping the root directory) will make the server process loop forever. This is """just""" an DOS vulnerability, it doesn't expose anything sensitive or give an attacker anything else.
Commit:
52418c8d828bc25e0e84cc25d5e349a84be0b397
From:
Omar Polo <op@omarpolo.com>
Date:
Fri Feb 12 12:47:20 2021 UTC
fix various compilation errors Include gmid.h as first header in every file, as it then includes config.h (that defines _GNU_SOURCE for instance). Fix also a warning about unsigned vs signed const char pointers in openssl.
Commit:
9f006a2127398af12ecf9159cd5ef28b3685e7a6
From:
Omar Polo <op@omarpolo.com>
Date:
Sun Feb 7 18:55:04 2021 UTC
[cgi] split the query in words if needed and add them to the argv
Commit:
19e7bd00a3d1b2574e3ed149fa354d45e83a8b50
From:
Omar Polo <op@omarpolo.com>
Date:
Sat Feb 6 09:33:48 2021 UTC
[iri] accept also : and @ again, to be RFC3986 compliant.
Commit:
8404ec301fed4f0bb5a3d1e7b5a2e184a93cc4e5
From:
Omar Polo <op@omarpolo.com>
Date:
Fri Feb 5 14:31:53 2021 UTC
don't %-decode the query
Commit:
2fafa2d23e5607def335902b7a9d10a9de5247a9
From:
Omar Polo <op@omarpolo.com>
Date:
Mon Feb 1 11:11:43 2021 UTC
bring the CGI implementation in par with GLV-1.12556
Commit:
57d0d0adba61856956191554a9624334f083c2f6
From:
Omar Polo <op@omarpolo.com>
Date:
Sun Jan 31 11:50:01 2021 UTC
ensure iri.host isn't NULL
Commit:
117ac52cdd4f45bd5402686b9d4f1d91c32cb1dd
From:
Omar Polo <op@omarpolo.com>
Date:
Fri Jan 29 17:26:23 2021 UTC
accept a wider range of UNICODE codepoints while parsing hostnames
Commit:
9a672b37122cd24931aee82617b30200637b287c
From:
Omar Polo <op@omarpolo.com>
Date:
Thu Jan 28 16:26:49 2021 UTC
legibility: use p[n] instead of (*(p + n))
Omar Polo