cgit

commit 52e605caf573fa20fdd4fbac5e1cc69b7740b1f5

Author: Lars Hjemli <larsh@hal-2004.(none)>

Handle %xx encoding in querystring

Convert valid %xx expressions in querystring to ascii, ignore invalid
expressions (i.e. eat the three characters %xx).

Signed-off-by: Lars Hjemli <larsh@hal-2004.(none)>

 cgit.h | 2 ++
 parsing.c | 21 +++++++++++++++++++++
 shared.c | 13 +++++++++++++


diff --git a/cgit.h b/cgit.h
index 249650e087a91c4cc8d1f8a9452b10bcebfcbb21..eb8f08c1876a64f48473ebad243fd46e4f10bd61 100644
--- a/cgit.h
+++ b/cgit.h
@@ -67,6 +67,8 @@ extern void cgit_global_config_cb(const char *name, const char *value);
 extern void cgit_repo_config_cb(const char *name, const char *value);
 extern void cgit_querystring_cb(const char *name, const char *value);
 
+extern int hextoint(char c);
+
 extern void *cgit_free_commitinfo(struct commitinfo *info);
 
 extern char *fmt(const char *format,...);




diff --git a/parsing.c b/parsing.c
index 1b22fcf5d059dfd5715e4b5acce911b773115bd2..4173dd4adf7eece4d90f39b4e0b86627ea689e87 100644
--- a/parsing.c
+++ b/parsing.c
@@ -79,6 +79,25 @@ 	fclose(f);
 	return ret;
 }
 
+char *convert_query_hexchar(char *txt)
+{
+	int d1, d2;
+	if (strlen(txt) < 3) {
+		*txt = '\0';
+		return txt-1;
+	}
+	d1 = hextoint(*(txt+1));
+	d2 = hextoint(*(txt+2));
+	if (d1<0 || d2<0) {
+		strcpy(txt, txt+3);
+		return txt-1;
+	} else {
+		*txt = d1 * 16 + d2;
+		strcpy(txt+1, txt+3);
+		return txt;
+	}
+}
+
 int cgit_parse_query(char *txt, configfn fn)
 {
 	char *t, *value = NULL, c;
@@ -94,6 +113,8 @@ 			*t = '\0';
 			value = t+1;
 		} else if (c=='+') {
 			*t = ' ';
+		} else if (c=='%') {
+			t = convert_query_hexchar(t);
 		} else if (c=='&') {
 			*t = '\0';
 			(*fn)(txt, value);




diff --git a/shared.c b/shared.c
index 7def51a997beb49f5b302477beba9aee80aebfb2..e4595fabe0cd2f1650fa1566adfb67c1568b60e3 100644
--- a/shared.c
+++ b/shared.c
@@ -113,3 +113,16 @@ 	free(info->subject);
 	free(info);
 	return NULL;
 }
+
+int hextoint(char c)
+{
+	if (c >= 'a' && c <= 'f')
+		return 10 + c - 'a';
+	else if (c >= 'A' && c <= 'F')
+		return 10 + c - 'A';
+	else if (c >= '0' && c <= '9')
+		return c - '0';
+	else
+		return -1;
+}
+