[src/trunk]: src/libexec/httpd - fix CGI '+' param and error handling.

[mrg <mrg%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/b2791fc92d0f
branches:  trunk
changeset: 447574:b2791fc92d0f
user:      mrg <mrg%NetBSD.org@localhost>
date:      Thu Jan 17 07:34:06 2019 +0000

description:
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().

both from "Rajeev V. Pillai" <rajeev_v_pillai%yahoo.com@localhost>

diffstat:

 libexec/httpd/CHANGES       |   6 +++++-
 libexec/httpd/cgi-bozo.c    |  14 ++++++++------
 libexec/httpd/daemon-bozo.c |   6 +++---
 3 files changed, 16 insertions(+), 10 deletions(-)

diffs (86 lines):

diff -r 6c7c75e7ab98 -r b2791fc92d0f libexec/httpd/CHANGES
--- a/libexec/httpd/CHANGES     Thu Jan 17 07:05:24 2019 +0000
+++ b/libexec/httpd/CHANGES     Thu Jan 17 07:34:06 2019 +0000
@@ -1,4 +1,8 @@
-$NetBSD: CHANGES,v 1.34 2018/12/19 12:40:32 mrg Exp $
+$NetBSD: CHANGES,v 1.35 2019/01/17 07:34:06 mrg Exp $
+
+changes in bozohttpd 20190116:
+       o  fix CGI '+' parameter handling, and a double free.  from
+          rajeev_v_pillai%yahoo.com@localhost
 
 changes in bozohttpd 20181215:
        o  fix .htpasswd bypass for authenticated users.  reported by JP,
diff -r 6c7c75e7ab98 -r b2791fc92d0f libexec/httpd/cgi-bozo.c
--- a/libexec/httpd/cgi-bozo.c  Thu Jan 17 07:05:24 2019 +0000
+++ b/libexec/httpd/cgi-bozo.c  Thu Jan 17 07:34:06 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: cgi-bozo.c,v 1.45 2018/11/24 13:03:15 christos Exp $   */
+/*     $NetBSD: cgi-bozo.c,v 1.46 2019/01/17 07:34:06 mrg Exp $        */
 
 /*     $eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $        */
 
@@ -241,10 +241,10 @@
  
        args[0] = str;
        args[*args_len] = NULL;
-       for (s = str, i = 0; (s = strchr(s, '+')) != NULL;) {
+       for (s = str, i = 1; (s = strchr(s, '+')) != NULL; i++) {
                *s = '\0';
                s++;
-               args[i++] = s;
+               args[i] = s;
        }
 
        /*
@@ -333,8 +333,7 @@
 
 parse_err:
 
-       free (str);
-       free (*args);
+       free(str);
        free(args);
        *args_len = 0;
 
@@ -610,9 +609,12 @@
                closelog();
                bozo_daemon_closefds(httpd);
 
-               if (-1 == execve(path, argv, envp))
+               if (-1 == execve(path, argv, envp)) {
+                       bozo_http_error(httpd, 404, request,
+                               "Cannot execute CGI");
                        bozoerr(httpd, 1, "child exec failed: %s: %s",
                              path, strerror(errno));
+               }
                /* NOT REACHED */
                bozoerr(httpd, 1, "child execve returned?!");
        }
diff -r 6c7c75e7ab98 -r b2791fc92d0f libexec/httpd/daemon-bozo.c
--- a/libexec/httpd/daemon-bozo.c       Thu Jan 17 07:05:24 2019 +0000
+++ b/libexec/httpd/daemon-bozo.c       Thu Jan 17 07:34:06 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: daemon-bozo.c,v 1.19 2018/11/22 08:54:08 mrg Exp $     */
+/*     $NetBSD: daemon-bozo.c,v 1.20 2019/01/17 07:34:06 mrg Exp $     */
 
 /*     $eterna: daemon-bozo.c,v 1.24 2011/11/18 09:21:15 mrg Exp $     */
 
@@ -205,7 +205,7 @@
 }
 
 static int
-daemon_poll_err(bozohttpd_t *httpd, int fd, int idx)
+daemon_poll_err(bozohttpd_t *httpd, int idx)
 {
        if ((httpd->fds[idx].revents & (POLLNVAL|POLLERR|POLLHUP)) == 0)
                return 0;
@@ -284,7 +284,7 @@
                }
 
                for (i = 0; i < httpd->nsock; i++) {
-                       if (daemon_poll_err(httpd, fd, i))
+                       if (daemon_poll_err(httpd, i))
                                break;
                        if (httpd->fds[i].revents == 0)
                                continue;