escape the matched substrings before using it in expansion.
authorsemarie <semarie@openbsd.org>
Tue, 23 Jun 2015 17:25:01 +0000 (17:25 +0000)
committersemarie <semarie@openbsd.org>
Tue, 23 Jun 2015 17:25:01 +0000 (17:25 +0000)
ok reyk@

usr.sbin/httpd/server_http.c

index 146b142..112bb00 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: server_http.c,v 1.83 2015/06/23 15:23:14 reyk Exp $   */
+/*     $OpenBSD: server_http.c,v 1.84 2015/06/23 17:25:01 semarie Exp $        */
 
 /*
  * Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
@@ -911,8 +911,11 @@ server_expand_http(struct client *clt, const char *val, char *buf,
                        return (NULL);
 
                /* Expand variable with matched value */
-               if (expand_string(buf, len, ibuf,
-                   clt->clt_srv_match.sm_match[n]) != 0)
+               if ((str = url_encode(clt->clt_srv_match.sm_match[n])) == NULL)
+                       return (NULL);
+               ret = expand_string(buf, len, ibuf, str);
+               free(str);
+               if (ret != 0)
                        return (NULL);
        }
        if (strstr(val, "$DOCUMENT_URI") != NULL) {
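Review bot: The comment above the new `url_encode()` call still reads "Expand variable with matched value", so it no longer describes what the code does or why. I would change it to `/* Expand variable with the URL-encoded match; the captured text presumably comes from the request */`. The `$DOCUMENT_URI` branch that opens on the last context line has its body outside this hunk, so it is worth confirming that it, and any other request-derived variable in server_expand_http(), is encoded the same way before it reaches `expand_string()`. Otherwise only the pattern captures are protected. `str` and `ret` are declared outside the hunk, so their types cannot be checked here. The `free(str)` before the `ret` test does release the buffer on both the success and failure paths.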