Skip to content

Commit

Permalink
2.05b: crash and redirect fixes
Browse files Browse the repository at this point in the history
- Fixed a NULL pointer crash when adding "callback" tests to JavaScript
  URLs that have a parameter with no value.
- Bug fix in the redirect callback which expected 2 responses but
  since 2.04b actually should process 4.
  • Loading branch information
spinkham committed Mar 17, 2012
1 parent a46315b commit 771e70e
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 7 deletions.
12 changes: 9 additions & 3 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,12 @@
Version 2.05b:
--------------

- Fixed a NULL pointer crash when adding "callback" tests to JavaScript
URLs that have a parameter with no value.

- Bug fix in the redirect callback which expected 2 responses but
since 2.04b actually should process 4.

Version 2.04b:
--------------

Expand Down Expand Up @@ -26,9 +35,6 @@ Version 2.04b:

- Bugfix to es / eg handling in dictionaries.

- Added the "complete-fast.wl" wordlist which is an es / eg optimized
version of "complete.wl" (resulting in 20-30% fewer requests).


Version 2.03b:
--------------
Expand Down
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
#

PROGNAME = skipfish
VERSION = 2.04b
VERSION = 2.05b

OBJFILES = http_client.c database.c crawler.c analysis.c report.c
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
Expand Down
2 changes: 1 addition & 1 deletion crawler.c
Original file line number Diff line number Diff line change
Expand Up @@ -1435,7 +1435,7 @@ static u8 inject_redir_check(struct http_request* req,

schedule_next:

if (req->user_val != 2) return 0;
if (req->user_val != 4) return 0;

/* Header splitting - 2 requests */

Expand Down
4 changes: 2 additions & 2 deletions http_client.c
Original file line number Diff line number Diff line change
Expand Up @@ -125,7 +125,8 @@ u8* get_value(u8 type, u8* name, u32 offset,

for (i=0;i<par->c;i++) {
if (type != par->t[i]) continue;
if (name && strcasecmp((char*)par->n[i], (char*)name)) continue;
if (name && (!par->n[i] || strcasecmp((char*)par->n[i], (char*)name)))
continue;
if (offset != coff) { coff++; continue; }
return par->v[i];
}
Expand Down Expand Up @@ -2648,4 +2649,3 @@ void http_req_list(void) {
}

}

0 comments on commit 771e70e

Please sign in to comment.