From ba72b12030864a05fc88bc94a3b699971cc70b0a Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Mon, 5 Dec 2011 17:53:43 -0800 Subject: escape bytes in the 0x7F-0xFF range, too This matches the behavior of nginx 1.0.9 --- ext/clogger_ext/clogger.c | 2 +- lib/clogger/pure.rb | 4 +++- test/test_clogger.rb | 9 +++++++++ 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/ext/clogger_ext/clogger.c b/ext/clogger_ext/clogger.c index e1fcecb..c1e3eb4 100644 --- a/ext/clogger_ext/clogger.c +++ b/ext/clogger_ext/clogger.c @@ -161,7 +161,7 @@ static void init_buffers(struct clogger *c) static inline int need_escape(unsigned c) { assert(c <= 0xff); - return !!(c == '\'' || c == '"' || c <= 0x1f); + return !!(c == '\'' || c == '"' || c <= 0x1f || c >= 0x7f); } /* we are encoding-agnostic, clients can send us all sorts of junk */ diff --git a/lib/clogger/pure.rb b/lib/clogger/pure.rb index 63907ae..8c3d3dc 100644 --- a/lib/clogger/pure.rb +++ b/lib/clogger/pure.rb @@ -98,7 +98,9 @@ private def byte_xs(s) s = s.dup s.force_encoding(Encoding::BINARY) if defined?(Encoding::BINARY) - s.gsub!(/(['"\x00-\x1f])/) { |x| "\\x#{$1.unpack('H2').first.upcase}" } + s.gsub!(/(['"\x00-\x1f\x7f-\xff])/) do |x| + "\\x#{$1.unpack('H2').first.upcase}" + end s end diff --git a/test/test_clogger.rb b/test/test_clogger.rb index 35a211a..10640e2 100644 --- a/test/test_clogger.rb +++ b/test/test_clogger.rb @@ -390,6 +390,15 @@ class TestClogger < Test::Unit::TestCase assert_equal "a\\x0Ab\n", str.string end + def test_escape_crazy_delete + str = StringIO.new + app = lambda { |env| [302, {}, [] ] } + cl = Clogger.new(app, :logger => str, :format => "$http_cookie") + @req["HTTP_COOKIE"] = "a\x7f\xff" + cl.call(@req) + assert_equal "a\\x7F\\xFF\n", str.string + end + def test_request_uri_fallback str = StringIO.new app = lambda { |env| [ 200, {}, [] ] } -- cgit v1.2.3-24-ge0c7