Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

Merged revisions 7637 via svnmerge from

Browse Source 
/branches/1.2


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@7638 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1.4
Tilghman Lesher 20 years ago
parent a945b5598e
commit cf1e68e4e8
1 changed files with 1 additions and 115 deletions
Show Stats Download Patch File Download Diff File

116
cdr/cdr_tds.c
Unescape View File

@ -98,7 +98,6 @@ static TDSSOCKET *tds;
static TDSLOGIN *login;
static TDSCONTEXT *context;
static char *stristr(const char*, const char*);
static char *anti_injection(const char *, int);
static void get_date(char *, struct timeval);
@ -233,119 +232,6 @@ static int tds_log(struct ast_cdr *cdr)
return res;
}
/* Return the offset of one string within another.
Copyright (C) 1994, 1996, 1997, 2000, 2001 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
/*
* My personal strstr() implementation that beats most other algorithms.
* Until someone tells me otherwise, I assume that this is the
* fastest implementation of strstr() in C.
* I deliberately chose not to comment it. You should have at least
* as much fun trying to understand it, as I had to write it :-).
*
* Stephen R. van den Berg, berg@pool.informatik.rwth-aachen.de */
static char *
stristr (phaystack, pneedle)
const char *phaystack;
const char *pneedle;
{
typedef unsigned chartype;
const unsigned char *haystack, *needle;
chartype b;
const unsigned char *rneedle;
haystack = (const unsigned char *) phaystack;
if ((b = toupper(*(needle = (const unsigned char *) pneedle))))
{
chartype c;
haystack--; /* possible ANSI violation */
{
chartype a;
do
if (!(a = toupper(*++haystack)))
goto ret0;
while (a != b);
}
if (!(c = toupper(*++needle)))
goto foundneedle;
++needle;
goto jin;
for (;;)
{
{
chartype a;
if (0)
jin:{
if ((a = toupper(*++haystack)) == c)
goto crest;
}
else
a = toupper(*++haystack);
do
{
for (; a != b; a = toupper(*++haystack))
{
if (!a)
goto ret0;
if ((a = toupper(*++haystack)) == b)
break;
if (!a)
goto ret0;
}
}
while ((a = toupper(*++haystack)) != c);
}
crest:
{
chartype a;
{
const unsigned char *rhaystack;
if (toupper(*(rhaystack = haystack-- + 1)) == (a = toupper(*(rneedle = needle))))
do
{
if (!a)
goto foundneedle;
if (toupper(*++rhaystack) != (a = toupper(*++needle)))
break;
if (!a)
goto foundneedle;
}
while (toupper(*++rhaystack) == (a = toupper(*++needle)));
needle = rneedle; /* took the register-poor aproach */
}
if (!a)
break;
}
}
}
foundneedle:
return (char *) haystack;
ret0:
return 0;
}
static char *anti_injection(const char *str, int len)
{
/* Reference to http://www.nextgenss.com/papers/advanced_sql_injection.pdf */
@ -376,7 +262,7 @@ static char *anti_injection(const char *str, int len)
/* Erase known bad input */
for (idx=0; *known_bad[idx]; idx++)
{
while((srh_ptr = stristr(buf, known_bad[idx]))) /* fix me! */
while((srh_ptr = strcasestr(buf, known_bad[idx])))
{
memmove(srh_ptr, srh_ptr+strlen(known_bad[idx]), strlen(srh_ptr+strlen(known_bad[idx]))+1);
}

Write Preview
Loading…
Cancel
Save