[src/trunk]: src/libexec/httpd fix PR 47629, using a slightly different patch...

[mrg <mrg%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/51d317280d0a
branches:  trunk
changeset: 785342:51d317280d0a
user:      mrg <mrg%NetBSD.org@localhost>
date:      Sat Mar 09 21:36:04 2013 +0000

description:
fix PR 47629, using a slightly different patch to the one in the PR.

this modifies escape_rfc3986() to escape '%' itself, and to properly
track the buffer size and nul out the final byte, not some random
byte that may actually be unmapped.

diffstat:

 libexec/httpd/bozohttpd.c |  7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diffs (35 lines):

diff -r 62dcea0faeb8 -r 51d317280d0a libexec/httpd/bozohttpd.c
--- a/libexec/httpd/bozohttpd.c Sat Mar 09 19:43:20 2013 +0000
+++ b/libexec/httpd/bozohttpd.c Sat Mar 09 21:36:04 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bozohttpd.c,v 1.32 2012/07/19 09:53:06 mrg Exp $       */
+/*     $NetBSD: bozohttpd.c,v 1.33 2013/03/09 21:36:04 mrg Exp $       */
 
 /*     $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $      */
 
@@ -871,7 +871,7 @@
                return buf;
        }
 
-       for (s = url, d = buf; *s;) {
+       for (len = 0, s = url, d = buf; *s;) {
                if (*s & 0x80)
                        goto encode_it;
                switch (*s) {
@@ -893,13 +893,16 @@
                case ',':
                case ';':
                case '=':
+               case '%':
                encode_it:
                        snprintf(d, 4, "%%%2X", *s++);
                        d += 3;
                        len += 3;
+                       break;
                default:
                        *d++ = *s++;
                        len++;
+                       break;
                }
        }
        buf[len] = 0;