aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPřemysl Janouch <p.janouch@gmail.com>2015-03-23 20:12:02 +0100
committerPřemysl Janouch <p.janouch@gmail.com>2015-03-23 20:12:02 +0100
commit6e9109df4cc781d451ca49ccb9adba9081750651 (patch)
treec34e84af4f3aed6919a758481164f4828fa8b226
parent987eae56610dc0d513130d4ae981b7245ebea220 (diff)
downloadjson-rpc-shell-6e9109df4cc781d451ca49ccb9adba9081750651.tar.gz
json-rpc-shell-6e9109df4cc781d451ca49ccb9adba9081750651.tar.xz
json-rpc-shell-6e9109df4cc781d451ca49ccb9adba9081750651.zip
Don't allow whitespace in base64
Diffstat
-rw-r--r--demo-json-rpc-server.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/demo-json-rpc-server.c b/demo-json-rpc-server.c
index 806225c..322d7d2 100644
--- a/demo-json-rpc-server.c
+++ b/demo-json-rpc-server.c
@@ -221,7 +221,7 @@ static uint8_t g_base64_table[256] =
};
static inline bool
-base64_decode_group (const char **s, struct str *output)
+base64_decode_group (const char **s, bool ignore_ws, struct str *output)
{
uint8_t input[4];
size_t loaded = 0;
@@ -229,7 +229,7 @@ base64_decode_group (const char **s, struct str *output)
{
if (!**s)
return loaded == 0;
- if (!isspace_ascii (**s))
+ if (!ignore_ws || !isspace_ascii (**s))
input[loaded++] = **s;
}
@@ -270,10 +270,10 @@ base64_decode_group (const char **s, struct str *output)
}
static bool
-base64_decode (const char *s, struct str *output)
+base64_decode (const char *s, bool ignore_ws, struct str *output)
{
while (*s)
- if (!base64_decode_group (&s, output))
+ if (!base64_decode_group (&s, ignore_ws, output))
return false;
return true;
}
@@ -2255,7 +2255,7 @@ ws_handler_finish_handshake (struct ws_handler *self)
struct str tmp;
str_init (&tmp);
- bool key_is_valid = base64_decode (key, &tmp) && tmp.len == 16;
+ bool key_is_valid = base64_decode (key, false, &tmp) && tmp.len == 16;
str_free (&tmp);
if (!key_is_valid)
FAIL_HANDSHAKE (HTTP_400_BAD_REQUEST, NULL);
generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-22 06:10:37 +0000