escape bytes in the 0x7F-0xFF range, too
authorEric Wong <normalperson@yhbt.net>
Tue, 6 Dec 2011 01:53:43 +0000 (5 17:53 -0800)
committerEric Wong <normalperson@yhbt.net>
Tue, 6 Dec 2011 01:53:43 +0000 (5 17:53 -0800)
This matches the behavior of nginx 1.0.9

ext/clogger_ext/clogger.c
lib/clogger/pure.rb
test/test_clogger.rb

index e1fcecb..c1e3eb4 100644 (file)
@@ -161,7 +161,7 @@ static void init_buffers(struct clogger *c)
 static inline int need_escape(unsigned c)
 {
        assert(c <= 0xff);
-       return !!(c == '\'' || c == '"' || c <= 0x1f);
+       return !!(c == '\'' || c == '"' || c <= 0x1f || c >= 0x7f);
 }
 
 /* we are encoding-agnostic, clients can send us all sorts of junk */
index 63907ae..8c3d3dc 100644 (file)
@@ -98,7 +98,9 @@ private
   def byte_xs(s)
     s = s.dup
     s.force_encoding(Encoding::BINARY) if defined?(Encoding::BINARY)
-    s.gsub!(/(['"\x00-\x1f])/) { |x| "\\x#{$1.unpack('H2').first.upcase}" }
+    s.gsub!(/(['"\x00-\x1f\x7f-\xff])/) do |x|
+      "\\x#{$1.unpack('H2').first.upcase}"
+    end
     s
   end
 
index 35a211a..10640e2 100644 (file)
@@ -390,6 +390,15 @@ class TestClogger < Test::Unit::TestCase
     assert_equal "a\\x0Ab\n", str.string
   end
 
+  def test_escape_crazy_delete
+    str = StringIO.new
+    app = lambda { |env| [302, {}, [] ] }
+    cl = Clogger.new(app, :logger => str, :format => "$http_cookie")
+    @req["HTTP_COOKIE"] = "a\x7f\xff"
+    cl.call(@req)
+    assert_equal "a\\x7F\\xFF\n", str.string
+  end
+
   def test_request_uri_fallback
     str = StringIO.new
     app = lambda { |env| [ 200, {}, [] ] }