[mapserver-commits] r8855 - branches/branch-5-4/mapserver
svn at osgeo.org
svn at osgeo.org
Tue Mar 31 23:18:19 EDT 2009
Author: sdlime
Date: 2009-03-31 23:18:19 -0400 (Tue, 31 Mar 2009)
New Revision: 8855
Modified:
branches/branch-5-4/mapserver/mapserv.c
branches/branch-5-4/mapserver/maptemplate.h
Log:
Make sure 'id' CGI parameter is validated against a regex before use. (#2942)
Modified: branches/branch-5-4/mapserver/mapserv.c
===================================================================
--- branches/branch-5-4/mapserver/mapserv.c 2009-04-01 03:13:28 UTC (rev 8854)
+++ branches/branch-5-4/mapserver/mapserv.c 2009-04-01 03:18:19 UTC (rev 8855)
@@ -403,6 +403,10 @@
}
if(strcasecmp(mapserv->request->ParamNames[i],"id") == 0) {
+ if(msEvalRegex(IDPATTERN, mapserv->request->ParamValues[i]) == MS_FALSE) {
+ msSetError(MS_WEBERR, "Parameter 'id' value fails to validate.", "loadForm()");
+ writeError();
+ }
strncpy(mapserv->Id, mapserv->request->ParamValues[i], IDSIZE);
continue;
}
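Review bot: The rejected value still reaches the `strncpy` on the line after the new block, because the block neither `continue`s nor returns after `writeError();`; the copy is skipped only if `writeError()` never returns, which this hunk does not show. Making the branch self-contained, e.g. `writeError(); continue;` (or whatever the file's other `writeError()` call sites do), would remove that dependency. The copy also relies on the regex's `{1,63}` bound to leave room for the terminator in a buffer of `IDSIZE` bytes; `snprintf(mapserv->Id, IDSIZE, "%s", mapserv->request->ParamValues[i]);` would terminate regardless of what the pattern admits. The enclosing `loadForm()` body starts and ends outside the hunk.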
Modified: branches/branch-5-4/mapserver/maptemplate.h
===================================================================
--- branches/branch-5-4/mapserver/maptemplate.h 2009-04-01 03:13:28 UTC (rev 8854)
+++ branches/branch-5-4/mapserver/maptemplate.h 2009-04-01 03:18:19 UTC (rev 8855)
@@ -33,7 +33,8 @@
#include "mapserver.h"
#include "maphash.h"
-#define IDSIZE 128
+#define IDPATTERN "^[0-9A-Za-z]{1,63}$"
+#define IDSIZE 64
#define TEMPLATE_TYPE(s) (((strncmp("http://", s, 7) == 0) || (strncmp("https://", s, 8) == 0) || (strncmp("ftp://", s, 6)) == 0) ? MS_URL : MS_FILE)
#define MAXZOOM 25
#define MINZOOM -25
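Review bot: `IDSIZE` 64 and the `{1,63}` bound in `IDPATTERN` are coupled, but nothing in the header says so, and the next edit to either define can silently break the other; a comment such as `/* IDPATTERN must admit at most IDSIZE-1 characters: the copy into Id in mapserv.c relies on the pattern for NUL termination */` above the two defines would pin that down. Halving `IDSIZE` from 128 also resizes every `char [IDSIZE]` array declared elsewhere and affects any other code that copies into one with the old length; those sites are not in this commit, so they are presumably worth confirming.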