31 lines
805 B
Diff
31 lines
805 B
Diff
From: Petr Tesarik <ptesarik@suse.de>
|
|
Subject: wget: CAN-2004-1488
|
|
Patch-mainline: no
|
|
References: 185265
|
|
|
|
Escape non-printing characters when dumping all HTTP headers.
|
|
|
|
--- src/http.c
|
|
+++ src/http.c
|
|
@@ -754,14 +754,17 @@
|
|
{
|
|
const char *b = resp->headers[i];
|
|
const char *e = resp->headers[i + 1];
|
|
+ char *str;
|
|
/* Skip CRLF */
|
|
if (b < e && e[-1] == '\n')
|
|
--e;
|
|
if (b < e && e[-1] == '\r')
|
|
--e;
|
|
- /* This is safe even on printfs with broken handling of "%.<n>s"
|
|
- because resp->headers ends with \0. */
|
|
- logprintf (LOG_VERBOSE, "%s%.*s\n", prefix, e - b, b);
|
|
+ str = xmalloc (e - b + 1);
|
|
+ memcpy (str, b, e - b);
|
|
+ str[e - b] = 0;
|
|
+ logprintf (LOG_VERBOSE, "%s%s\n", prefix, escnonprint (str));
|
|
+ xfree (str);
|
|
}
|
|
}
|
|
|