Mercurial > hg > nginx-quic
annotate src/os/win32/ngx_user.c @ 9049:a10210a45c8b
Core: stricter UTF-8 handling in ngx_utf8_decode().
An UTF-8 octet sequence cannot start with a 11111xxx byte (above 0xf8),
see https://datatracker.ietf.org/doc/html/rfc3629#section-3. Previously,
such bytes were accepted by ngx_utf8_decode() and misinterpreted as 11110xxx
bytes (as in a 4-byte sequence). While unlikely, this can potentially cause
issues.
Fix is to explicitly reject such bytes in ngx_utf8_decode().
author | Yugo Horie <u5.horie@gmail.com> |
---|---|
date | Thu, 23 Feb 2023 08:09:50 +0900 |
parents | d620f497c50f |
children |
rev | line source |
---|---|
503 | 1 /* |
2 * Copyright (C) Igor Sysoev | |
4412 | 3 * Copyright (C) Nginx, Inc. |
503 | 4 */ |
5 | |
6 | |
7 #include <ngx_config.h> | |
8 #include <ngx_core.h> | |
9 | |
10 | |
11 #if (NGX_CRYPT) | |
12 | |
13 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
503
diff
changeset
|
14 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 15 { |
16 /* STUB: a plain text password */ | |
17 | |
18 *encrypted = key; | |
19 | |
20 return NGX_OK; | |
21 } | |
22 | |
23 #endif /* NGX_CRYPT */ |