haserl: use a different prefix for cookie variables to prevent form variable injectio...
[openwrt/svn-archive/archive.git] / package / haserl / patches / 100-cookie_prefix.patch
1 diff -ur haserl.old/src/haserl.c haserl.dev/src/haserl.c
2 --- haserl.old/src/haserl.c 2004-11-10 18:59:35.000000000 +0100
3 +++ haserl.dev/src/haserl.c 2006-11-25 03:24:31.000000000 +0100
4 @@ -74,6 +74,7 @@
5 token_t /*@null@*/ *token_list = NULL;
6
7 char global_variable_prefix[] = HASERL_VAR_PREFIX;
8 +char cookie_variable_prefix[] = "COOKIE_";
9 int global_subshell_pipe[4];
10 int global_subshell_pid;
11 int global_subshell_died = 0;
12 @@ -221,7 +222,7 @@
13 while (token) {
14 // skip leading spaces
15 while ( token[0] == ' ' ) { token++; }
16 - myputenv(token, global_variable_prefix);
17 + myputenv(token, cookie_variable_prefix);
18 token=strtok(NULL, ";");
19 }
20 free (qs);