diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2025-09-11 18:23:10 +0400 |
|---|---|---|
| committer | pluknet <pluknet@nginx.com> | 2025-09-26 17:04:20 +0400 |
| commit | 6f81314a070201afc4e25b975b1f915698cff634 (patch) | |
| tree | 79fc997ab5cb5c091c8a2c30ca05619090f23b1d /src/core/ngx_string.c | |
| parent | 8255bd29ac9a7bcdc317a8889420554e00d435cb (diff) | |
| download | nginx-6f81314a070201afc4e25b975b1f915698cff634.tar.gz nginx-6f81314a070201afc4e25b975b1f915698cff634.tar.bz2 | |
Mail: xtext encoding (RFC 3461) in XCLIENT LOGIN.
The XCLIENT command uses xtext encoding for attribute values,
as specified in https://www.postfix.org/XCLIENT_README.html.
Reported by Igor Morgenstern of Aisle Research.
Diffstat (limited to 'src/core/ngx_string.c')
| -rw-r--r-- | src/core/ngx_string.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c index f8f738472..10fe764c3 100644 --- a/src/core/ngx_string.c +++ b/src/core/ngx_string.c @@ -1494,8 +1494,9 @@ ngx_utf8_cpystrn(u_char *dst, u_char *src, size_t n, size_t len) uintptr_t ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) { - ngx_uint_t n; + u_char prefix; uint32_t *escape; + ngx_uint_t n; static u_char hex[] = "0123456789ABCDEF"; /* @@ -1633,11 +1634,36 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) /* mail_auth is the same as memcached */ + /* " ", "+", "=", not allowed */ + + static uint32_t mail_xtext[] = { + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + + /* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */ + 0x20000801, /* 0010 0000 0000 0000 0000 1000 0000 0001 */ + + /* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */ + 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */ + + /* ~}| {zyx wvut srqp onml kjih gfed cba` */ + 0x80000000, /* 1000 0000 0000 0000 0000 0000 0000 0000 */ + + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + }; + static uint32_t *map[] = - { uri, args, uri_component, html, refresh, memcached, memcached }; + { uri, args, uri_component, html, refresh, memcached, memcached, + mail_xtext }; + + static u_char map_char[] = + { '%', '%', '%', '%', '%', '%', '%', '+' }; escape = map[type]; + prefix = map_char[type]; if (dst == NULL) { @@ -1658,7 +1684,7 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) while (size) { if (escape[*src >> 5] & (1U << (*src & 0x1f))) { - *dst++ = '%'; + *dst++ = prefix; *dst++ = hex[*src >> 4]; *dst++ = hex[*src & 0xf]; src++; |