代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/cockpit 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From c51f6177576d7e12614c64d316cf0b67addd17c9 Mon Sep 17 00:00:00 2001
From: Stef Walter <[email protected]>
Date: Thu, 13 Dec 2018 15:12:44 +0100
Subject: [PATCH] ws: Fix bug parsing invalid base64 headers
The len parameter to g_base64_decode_inplace() is a inout
parameter, and needs to be initialized. Lets just use
the simpler g_base64_decode() function. This fixes a segfault.
Closes #10819
---
src/ws/cockpitauth.c | 13 ++++++++-----
src/ws/test-auth.c | 6 ++++++
2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/src/ws/cockpitauth.c b/src/ws/cockpitauth.c
index 474e13c..963f7a7 100644
--- a/src/ws/cockpitauth.c
+++ b/src/ws/cockpitauth.c
@@ -1159,16 +1159,19 @@ cockpit_auth_class_init (CockpitAuthClass *klass)
cockpit_authorize_logger (authorize_logger, 0);
}
-static char *
+static gchar *
base64_decode_string (const char *enc)
{
+ gchar *dec;
+ gsize len;
+
if (enc == NULL)
return NULL;
- char *dec = g_strdup (enc);
- gsize len;
- g_base64_decode_inplace (dec, &len);
- dec[len] = '\0';
+ dec = (gchar *)g_base64_decode (enc, &len);
+ if (dec)
+ dec[len] = '\0';
+
return dec;
}
diff --git a/src/ws/test-auth.c b/src/ws/test-auth.c
index 6f84b01..57d9462 100644
--- a/src/ws/test-auth.c
+++ b/src/ws/test-auth.c
@@ -286,6 +286,12 @@ test_headers_bad (Test *test,
if (cockpit_auth_check_cookie (test->auth, "/cockpit", headers))
g_assert_not_reached ();
+ /* Bad encoding */
+ g_hash_table_remove_all (headers);
+ g_hash_table_insert (headers, g_strdup ("Cookie"), g_strdup ("cockpit=d"));
+ if (cockpit_auth_check_cookie (test->auth, "/cockpit", headers))
+ g_assert_not_reached ();
+
g_hash_table_destroy (headers);
}
--
2.19.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手