[master] ad0ae8e Escape question marks in C-strings to avoid accidentally generating tri-graphs.

Poul-Henning Kamp phk at FreeBSD.org
Wed Aug 27 12:02:21 CEST 2014


commit ad0ae8ee6cb158c5aa5f60e5077459d92331677a
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Wed Aug 27 10:01:49 2014 +0000

    Escape question marks in C-strings to avoid accidentally generating
    tri-graphs.
    
    Fixes #1566

diff --git a/bin/varnishtest/tests/r01566.vtc b/bin/varnishtest/tests/r01566.vtc
new file mode 100644
index 0000000..fdf79a4
--- /dev/null
+++ b/bin/varnishtest/tests/r01566.vtc
@@ -0,0 +1,9 @@
+varnishtest "escape issue in regexp"
+
+varnish v1 -vcl {
+	backend b1 { .host = "127.0.0.1"; }
+
+	sub vcl_recv {
+		set req.url = regsuball(req.url, "\??(p|pi)=.*?(&|$)", "");
+	} 
+}
diff --git a/lib/libvcc/vcc_compile.c b/lib/libvcc/vcc_compile.c
index 4077c1c..934943d 100644
--- a/lib/libvcc/vcc_compile.c
+++ b/lib/libvcc/vcc_compile.c
@@ -211,6 +211,7 @@ EncString(struct vsb *sb, const char *b, const char *e, int mode)
 	VSB_cat(sb, "\"");
 	for (; b < e; b++) {
 		switch (*b) {
+		case '?':	// Trigraphs
 		case '\\':
 		case '"':
 			VSB_printf(sb, "\\%c", *b);



More information about the varnish-commit mailing list