flewkey/cuberite-2a
1
0
Fork 0
Code Releases Activity

Removed false positives in leakfinder for webserver - by using raw char arrays instead of std::string for const data.

Browse Source 
git-svn-id: http://mc-server.googlecode.com/svn/trunk@798 0a769ca7-a7f5-676a-18bf-c427514a06d6
This commit is contained in:
madmaxoft@gmail.com 2012-08-28 12:39:28 +00:00
parent 66300ea7a6
commit 4abaf24131
1 changed files with 26 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
WebServer/WebServer.cpp
View File

@ -288,13 +288,13 @@ void* webserver::Request(void* ptr_s)
req.path_ = path; req.path_ = path;
req.params_ = params; req.params_ = params;
static const std::string authorization = "Authorization: Basic "; static const char authorization[] = "Authorization: Basic ";
static const std::string accept = "Accept: " ; static const char accept[] = "Accept: ";
static const std::string accept_language = "Accept-Language: " ; static const char accept_language[] = "Accept-Language: ";
static const std::string accept_encoding = "Accept-Encoding: " ; static const char accept_encoding[] = "Accept-Encoding: ";
static const std::string user_agent = "User-Agent: " ; static const char user_agent[] = "User-Agent: ";
static const std::string content_length = "Content-Length: " ; static const char content_length[] = "Content-Length: ";
static const std::string content_type = "Content-Type: " ; static const char content_type[] = "Content-Type: ";
while(1) while(1)
{ {
@ -309,40 +309,40 @@ void* webserver::Request(void* ptr_s)
line = line.substr(0,pos_cr_lf); line = line.substr(0,pos_cr_lf);
if (line.substr(0, authorization.size()) == authorization) if (line.compare(0, sizeof(authorization) - 1, authorization) == 0)
{ {
req.authentication_given_ = true; req.authentication_given_ = true;
std::string encoded = line.substr(authorization.size()); std::string encoded = line.substr(sizeof(authorization) - 1);
std::string decoded = base64_decode(encoded); std::string decoded = base64_decode(encoded);
unsigned int pos_colon = decoded.find(":"); unsigned int pos_colon = decoded.find(":");
req.username_ = decoded.substr(0, pos_colon); req.username_ = decoded.substr(0, pos_colon);
req.password_ = decoded.substr(pos_colon+1 ); req.password_ = decoded.substr(pos_colon + 1);
} }
else if (line.substr(0, accept.size()) == accept) else if (line.compare(0, sizeof(accept) - 1, accept) == 0)
{ {
req.accept_ = line.substr(accept.size()); req.accept_ = line.substr(sizeof(accept) - 1);
} }
else if (line.substr(0, accept_language.size()) == accept_language) else if (line.compare(0, sizeof(accept_language) - 1, accept_language) == 0)
{ {
req.accept_language_ = line.substr(accept_language.size()); req.accept_language_ = line.substr(sizeof(accept_language) - 1);
} }
else if (line.substr(0, accept_encoding.size()) == accept_encoding) else if (line.compare(0, sizeof(accept_encoding) - 1, accept_encoding) == 0)
{ {
req.accept_encoding_ = line.substr(accept_encoding.size()); req.accept_encoding_ = line.substr(sizeof(accept_encoding) - 1);
} }
else if (line.substr(0, user_agent.size()) == user_agent) else if (line.compare(0, sizeof(user_agent) - 1, user_agent) == 0)
{ {
req.user_agent_ = line.substr(user_agent.size()); req.user_agent_ = line.substr(sizeof(user_agent) - 1);
} }
else if (line.substr(0, content_length.size()) == content_length) else if (line.compare(0, sizeof(content_length) - 1, content_length) == 0)
{ {
req.content_length_ = atoi( line.substr(content_length.size()).c_str() ); req.content_length_ = atoi(line.substr(sizeof(content_length) - 1).c_str() );
} }
else if (line.substr(0, content_type.size()) == content_type) else if (line.compare(0, sizeof(content_type) - 1, content_type) == 0)
{ {
req.content_type_ = line.substr(content_type.size()); req.content_type_ = line.substr(sizeof(content_type) - 1);
} }
} }
@ -376,11 +376,11 @@ void* webserver::Request(void* ptr_s)
tm* gmt= gmtime(&ltime); tm* gmt= gmtime(&ltime);
#ifdef _WIN32 #ifdef _WIN32
static std::string const serverName = "MCServerWebAdmin (Windows)"; static const char serverName[] = "MCServerWebAdmin (Windows)";
#elif __APPLE__ #elif __APPLE__
static std::string const serverName = "MCServerWebAdmin (MacOSX)"; static const char serverName[] = "MCServerWebAdmin (MacOSX)";
#else #else
static std::string const serverName = "MCServerWebAdmin (Linux)"; static const char serverName[] = "MCServerWebAdmin (Linux)";
#endif #endif
@ -401,7 +401,7 @@ void* webserver::Request(void* ptr_s)
s->SendLine(req.status_); s->SendLine(req.status_);
} }
s->SendLine(std::string("Date: ") + asctime_remove_nl + " GMT"); s->SendLine(std::string("Date: ") + asctime_remove_nl + " GMT");
s->SendLine(std::string("Server: ") +serverName); s->SendLine(std::string("Server: ") + serverName);
s->SendLine("Connection: close"); s->SendLine("Connection: close");
s->SendLine("Content-Type: text/html; charset=ISO-8859-1"); s->SendLine("Content-Type: text/html; charset=ISO-8859-1");
s->SendLine("Content-Length: " + str_str.str()); s->SendLine("Content-Length: " + str_str.str());