abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-19 19:33:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Bug fix

Browse Source
This commit is contained in:
Zhi Guan
2026-06-17 16:15:13 +08:00
parent ace325928b
commit 40a62baec7
8 changed files with 35 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
tools/tlcp_client.c
View File

@@ -252,6 +252,11 @@ int tlcp_client_main(int argc, char *argv[])
} else if (!strcmp(*argv, "-host")) {
if (--argc < 1) goto bad;
host = *(++argv);
// prevent CRLF injection in http request header
if (strchr(host, '\r') || strchr(host, '\n')) {
fprintf(stderr, "%s: invalid characters in '-host' value\n", prog);
return -1;
}
} else if (!strcmp(*argv, "-port")) {
if (--argc < 1) goto bad;
port = atoi(*(++argv));
@@ -334,6 +339,11 @@ int tlcp_client_main(int argc, char *argv[])
} else if (!strcmp(*argv, "-get")) {
if (--argc < 1) goto bad;
get = *(++argv);
// prevent CRLF injection in http request line
if (strchr(get, '\r') || strchr(get, '\n')) {
fprintf(stderr, "%s: invalid characters in '-get' value\n", prog);
return -1;
}
} else if (!strcmp(*argv, "-in")) {
if (--argc < 1) goto bad;
infile = *(++argv);