[PATCHv2] httpd: don't drop QUERY_STRING when /cgi-bin/index.cgi is used

[walter harms]

Am 17.12.2011 00:26, schrieb Peter Korsgaard:
> The memory pointed to by g_query gets overwritten when the index_page
> is used, causing  URL arguments to get dropped when we fall back to
> /cgi-bin/index.cgi.
> 
> Work around it by making g_query a deep copy of urlp when CGI support
> is enabled, rather than silently dropping them.
> 
> Signed-off-by: Peter Korsgaard <jacmet at sunsite.dk>
> ---
>  Changes since v1:
>  - Use xstrdup and extend comment as suggested by Denys.
> 
>  networking/httpd.c |   11 +++++++++--
>  1 files changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/networking/httpd.c b/networking/httpd.c
> index f52785b..61e06ff 100644
> --- a/networking/httpd.c
> +++ b/networking/httpd.c
> @@ -1996,7 +1996,16 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
>  	tptr = strchr(urlcopy, '?');
>  	if (tptr) {
>  		*tptr++ = '\0';
> +#if ENABLE_FEATURE_HTTPD_CGI
> +		/* when index_page string is appended to <dir>/ URL, it overwrites
> +		   the query string. If we fallback to call /cgi-bin/index.cgi,
> +		   query string would be lost and not available to the CGI.
> +		   Work around it by making a deep copy instead.
> +		*/
> +		g_query = xstrdup(tptr);
> +#else
>  		g_query = tptr;
> +#endif
>  	}
>  

Would it hurt to call xstrdup() all time ?
that would save us from the #if
and simplify to code.

re,
 wh


>  	/* Decode URL escape sequences */
> @@ -2271,8 +2280,6 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
>  		/* It's a dir URL and there is no index.html
>  		 * Try cgi-bin/index.cgi */
>  		if (access("/cgi-bin/index.cgi"+1, X_OK) == 0) {
> -			urlp[0] = '\0';
> -			g_query = urlcopy;
>  			send_cgi_and_exit("/cgi-bin/index.cgi", prequest, length, cookie, content_type);
>  		}
>  	}