[Privoxy-commits] [privoxy] 03/06: cgi_send_banner(): Overrule invalid image types

[User Git]

This is an automated email from the git hooks/post-receive script.

git pushed a commit to branch master
in repository privoxy.

commit e711c505c4830ab271938d61af90a2075523f058
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Sat Feb 6 20:43:06 2021 +0100

    cgi_send_banner(): Overrule invalid image types
    
    Prevents a crash with a crafted CGI request if
    Privoxy is toggled off.
    
    OVE-20210206-0001.
    
    Reported by: Joshua Rogers (Opera)
---
 cgisimple.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cgisimple.c b/cgisimple.c
index fd47c6d0..866ac263 100644
--- a/cgisimple.c
+++ b/cgisimple.c
@@ -542,6 +542,14 @@ jb_err cgi_send_banner(struct client_state *csp,
 {
    char imagetype = lookup(parameters, "type")[0];
 
+   if (imagetype != 'a' && imagetype != 'b' &&
+       imagetype != 'p' && imagetype != 't')
+   {
+      log_error(LOG_LEVEL_ERROR, "Overruling invalid image type '%c'.",
+         imagetype);
+      imagetype = 'p';
+   }
+
    /*
     * If type is auto, then determine the right thing
     * to do from the set-image-blocker action

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.