X-Git-Url: http://www.privoxy.org/gitweb/show-status?a=blobdiff_plain;f=filters.c;h=9915bf5d35046dcc9a1832fbe2026f903adfff38;hb=3ed18b5dea4250aa840ffedfc6dd220143736628;hp=baaaea5f44051d5f7f6858223855b8462098dfaf;hpb=caacb81062e2e3152231c09c9da62a31e4efc170;p=privoxy.git diff --git a/filters.c b/filters.c index baaaea5f..9915bf5d 100644 --- a/filters.c +++ b/filters.c @@ -74,7 +74,7 @@ #include "win32.h" #endif -typedef char *(*filter_function_ptr)(); +typedef char *(*filter_function_ptr)(struct client_state *csp); static filter_function_ptr get_filter_function(const struct client_state *csp); static jb_err prepare_for_filtering(struct client_state *csp); static void apply_url_actions(struct current_action_spec *action, @@ -173,6 +173,14 @@ static int match_sockaddr(const struct sockaddr_storage *network, in_port_t *network_port, *netmask_port, *address_port; int i; + network_addr = NULL; + netmask_addr = NULL; + address_addr = NULL; + addr_len = 0; + network_port = NULL; + netmask_port = NULL; + address_port = NULL; + if (network->ss_family != netmask->ss_family) { /* This should never happen */ @@ -334,6 +342,10 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) char *p; char *acl_spec = NULL; + mask_data = NULL; + mask_port = NULL; + addr_len = 0; + #ifdef HAVE_RFC2553 /* XXX: Depend on ai_family */ masklength = 128; @@ -2317,6 +2329,18 @@ static jb_err remove_chunked_transfer_coding(char *buffer, size_t *size) assert(buffer); from_p = to_p = buffer; +#ifndef FUZZ + /* + * Refuse to de-chunk invalid or incomplete data unless we're fuzzing. + */ + if (!chunked_data_is_complete(buffer, *size, 0)) + { + log_error(LOG_LEVEL_ERROR, + "Chunk-encoding appears to be invalid. Content can't be filtered."); + return JB_ERR_PARSE; + } +#endif + if (sscanf(buffer, "%x", &chunksize) != 1) { log_error(LOG_LEVEL_ERROR, "Invalid first chunksize while stripping \"chunked\" transfer coding");