Merged revisions 7637 via svnmerge from
/branches/1.2 git-svn-id: http://svn.digium.com/svn/asterisk/trunk@7638 f38db490-d61c-443f-a65b-d21fe96a405b
This commit is contained in:
parent
262e9759c4
commit
5655a3c810
116
cdr/cdr_tds.c
116
cdr/cdr_tds.c
|
@ -98,7 +98,6 @@ static TDSSOCKET *tds;
|
|||
static TDSLOGIN *login;
|
||||
static TDSCONTEXT *context;
|
||||
|
||||
static char *stristr(const char*, const char*);
|
||||
static char *anti_injection(const char *, int);
|
||||
static void get_date(char *, struct timeval);
|
||||
|
||||
|
@ -233,119 +232,6 @@ static int tds_log(struct ast_cdr *cdr)
|
|||
return res;
|
||||
}
|
||||
|
||||
/* Return the offset of one string within another.
|
||||
Copyright (C) 1994, 1996, 1997, 2000, 2001 Free Software Foundation, Inc.
|
||||
This file is part of the GNU C Library.
|
||||
|
||||
The GNU C Library is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU Lesser General Public
|
||||
License as published by the Free Software Foundation; either
|
||||
version 2.1 of the License, or (at your option) any later version.
|
||||
|
||||
The GNU C Library is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public
|
||||
License along with the GNU C Library; if not, write to the Free
|
||||
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
||||
02111-1307 USA. */
|
||||
|
||||
/*
|
||||
* My personal strstr() implementation that beats most other algorithms.
|
||||
* Until someone tells me otherwise, I assume that this is the
|
||||
* fastest implementation of strstr() in C.
|
||||
* I deliberately chose not to comment it. You should have at least
|
||||
* as much fun trying to understand it, as I had to write it :-).
|
||||
*
|
||||
* Stephen R. van den Berg, berg@pool.informatik.rwth-aachen.de */
|
||||
|
||||
static char *
|
||||
stristr (phaystack, pneedle)
|
||||
const char *phaystack;
|
||||
const char *pneedle;
|
||||
{
|
||||
typedef unsigned chartype;
|
||||
|
||||
const unsigned char *haystack, *needle;
|
||||
chartype b;
|
||||
const unsigned char *rneedle;
|
||||
|
||||
haystack = (const unsigned char *) phaystack;
|
||||
|
||||
if ((b = toupper(*(needle = (const unsigned char *) pneedle))))
|
||||
{
|
||||
chartype c;
|
||||
haystack--; /* possible ANSI violation */
|
||||
|
||||
{
|
||||
chartype a;
|
||||
do
|
||||
if (!(a = toupper(*++haystack)))
|
||||
goto ret0;
|
||||
while (a != b);
|
||||
}
|
||||
|
||||
if (!(c = toupper(*++needle)))
|
||||
goto foundneedle;
|
||||
++needle;
|
||||
goto jin;
|
||||
|
||||
for (;;)
|
||||
{
|
||||
{
|
||||
chartype a;
|
||||
if (0)
|
||||
jin:{
|
||||
if ((a = toupper(*++haystack)) == c)
|
||||
goto crest;
|
||||
}
|
||||
else
|
||||
a = toupper(*++haystack);
|
||||
do
|
||||
{
|
||||
for (; a != b; a = toupper(*++haystack))
|
||||
{
|
||||
if (!a)
|
||||
goto ret0;
|
||||
if ((a = toupper(*++haystack)) == b)
|
||||
break;
|
||||
if (!a)
|
||||
goto ret0;
|
||||
}
|
||||
}
|
||||
while ((a = toupper(*++haystack)) != c);
|
||||
}
|
||||
crest:
|
||||
{
|
||||
chartype a;
|
||||
{
|
||||
const unsigned char *rhaystack;
|
||||
if (toupper(*(rhaystack = haystack-- + 1)) == (a = toupper(*(rneedle = needle))))
|
||||
do
|
||||
{
|
||||
if (!a)
|
||||
goto foundneedle;
|
||||
if (toupper(*++rhaystack) != (a = toupper(*++needle)))
|
||||
break;
|
||||
if (!a)
|
||||
goto foundneedle;
|
||||
}
|
||||
while (toupper(*++rhaystack) == (a = toupper(*++needle)));
|
||||
needle = rneedle; /* took the register-poor aproach */
|
||||
}
|
||||
if (!a)
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
foundneedle:
|
||||
return (char *) haystack;
|
||||
ret0:
|
||||
return 0;
|
||||
}
|
||||
|
||||
static char *anti_injection(const char *str, int len)
|
||||
{
|
||||
/* Reference to http://www.nextgenss.com/papers/advanced_sql_injection.pdf */
|
||||
|
@ -376,7 +262,7 @@ static char *anti_injection(const char *str, int len)
|
|||
/* Erase known bad input */
|
||||
for (idx=0; *known_bad[idx]; idx++)
|
||||
{
|
||||
while((srh_ptr = stristr(buf, known_bad[idx]))) /* fix me! */
|
||||
while((srh_ptr = strcasestr(buf, known_bad[idx])))
|
||||
{
|
||||
memmove(srh_ptr, srh_ptr+strlen(known_bad[idx]), strlen(srh_ptr+strlen(known_bad[idx]))+1);
|
||||
}
|
||||
|
|
Reference in New Issue