escape " ", "%", and %00-%1F in login and password

author: Igor Sysoev <igor@sysoev.ru> 2007-08-20 09:50:53 +0000
committer: Igor Sysoev <igor@sysoev.ru> 2007-08-20 09:50:53 +0000
commit: d4ff5616814b2632f0c6f5fe84b38a57029e80aa (patch)
tree: 619ad682d00d90e0b0fd990e588a375382cadd5f /src
parent: 4edb1d61e9d254a9faccc8de9f99eeabc631386d (diff)
download: nginx-d4ff5616814b2632f0c6f5fe84b38a57029e80aa.tar.gz
nginx-d4ff5616814b2632f0c6f5fe84b38a57029e80aa.zip
4 files changed, 19 insertions, 37 deletions
diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c
index a07dbebeb..aac68477f 100644
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -1019,7 +1019,7 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
         0xffffffff  /* 1111 1111 1111 1111  1111 1111 1111 1111 */
     };
 
-                    /* " ", """, "%", "'", %00-%1F, %7F-%FF */
+                    /* " ", "#", """, "%", "'", %00-%1F, %7F-%FF */
 
     static uint32_t   html[] = {
         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
@@ -1039,13 +1039,13 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
         0xffffffff  /* 1111 1111 1111 1111  1111 1111 1111 1111 */
     };
 
-                    /* " ", """, "'", %00-%1F, %7F-%FF */
+                    /* " ", """, "%", "'", %00-%1F, %7F-%FF */
 
     static uint32_t   refresh[] = {
         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
 
                     /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */
-        0x00000085, /* 0000 0000 0000 0000  0000 0000 1000 0101 */
+        0x000000a5, /* 0000 0000 0000 0000  0000 0000 1010 0101 */
 
                     /* _^]\ [ZYX WVUT SRQP  ONML KJIH GFED CBA@ */
         0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
@@ -1059,13 +1059,13 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
         0xffffffff  /* 1111 1111 1111 1111  1111 1111 1111 1111 */
     };
 
-                    /* " ", %00-%1F */
+                    /* " ", "%", %00-%1F */
 
     static uint32_t   memcached[] = {
         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
 
                     /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */
-        0x00000001, /* 0000 0000 0000 0000  0000 0000 0000 0001 */
+        0x00000021, /* 0000 0000 0000 0000  0000 0000 0010 0001 */
 
                     /* _^]\ [ZYX WVUT SRQP  ONML KJIH GFED CBA@ */
         0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
@@ -1079,7 +1079,10 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
         0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
     };
 
-    static uint32_t  *map[] = { uri, args, html, refresh, memcached };
+                    /* mail_auth is the same as memcached */
+
+    static uint32_t  *map[] =
+        { uri, args, html, refresh, memcached, memcached };
 
 
     escape = map[type];
diff --git a/src/core/ngx_string.h b/src/core/ngx_string.h
index b4a96c543..42d50a46c 100644
--- a/src/core/ngx_string.h
+++ b/src/core/ngx_string.h
@@ -155,6 +155,7 @@ u_char *ngx_utf_cpystrn(u_char *dst, u_char *src, size_t n);
 #define NGX_ESCAPE_HTML       2
 #define NGX_ESCAPE_REFRESH    3
 #define NGX_ESCAPE_MEMCACHED  4
+#define NGX_ESCAPE_MAIL_AUTH  5
 
 #define NGX_UNESCAPE_URI      1
 
diff --git a/src/mail/ngx_mail_auth_http_module.c b/src/mail/ngx_mail_auth_http_module.c
index 52031b340..906152ce8 100644
--- a/src/mail/ngx_mail_auth_http_module.c
+++ b/src/mail/ngx_mail_auth_http_module.c
@@ -1251,18 +1251,10 @@ ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool,
 static ngx_int_t
 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped)
 {
-    u_char      ch, *p;
-    ngx_uint_t  i, n;
+    u_char     *p;
+    uintptr_t   n;
 
-    n = 0;
-
-    for (i = 0; i < text->len; i++) {
-        ch = text->data[i];
-
-        if (ch == CR || ch == LF) {
-            n++;
-        }
-    }
+    n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH);
 
     if (n == 0) {
         *escaped = *text;
@@ -1276,27 +1268,9 @@ ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped)
         return NGX_ERROR;
     }
 
-    escaped->data = p;
-
-    for (i = 0; i < text->len; i++) {
-        ch = text->data[i];
-
-        if (ch == CR) {
-            *p++ = '%';
-            *p++ = '0';
-            *p++ = 'D';
-            continue;
-        }
+    (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH);
 
-        if (ch == LF) {
-            *p++ = '%';
-            *p++ = '0';
-            *p++ = 'A';
-            continue;
-        }
-
-        *p++ = ch;
-    }
+    escaped->data = p;
 
     return NGX_OK;
 }
diff --git a/src/mail/ngx_mail_parse.c b/src/mail/ngx_mail_parse.c
index fa0fda31b..c959b44b2 100644
--- a/src/mail/ngx_mail_parse.c
+++ b/src/mail/ngx_mail_parse.c
@@ -434,6 +434,10 @@ ngx_int_t ngx_imap_parse_command(ngx_mail_session_t *s)
             break;
 
         case sw_argument:
+            if (ch == ' ' && s->quoted) {
+                break;
+            }
+
             switch (ch) {
             case '"':
                 if (!s->quoted) {
author	Igor Sysoev <igor@sysoev.ru>	2007-08-20 09:50:53 +0000
committer	Igor Sysoev <igor@sysoev.ru>	2007-08-20 09:50:53 +0000
commit	d4ff5616814b2632f0c6f5fe84b38a57029e80aa (patch)
tree	619ad682d00d90e0b0fd990e588a375382cadd5f /src
parent	4edb1d61e9d254a9faccc8de9f99eeabc631386d (diff)
download	nginx-d4ff5616814b2632f0c6f5fe84b38a57029e80aa.tar.gz nginx-d4ff5616814b2632f0c6f5fe84b38a57029e80aa.zip