Libinjection version 991433e7 (#524)

https://github.com/libinjection/libinjection commit 991433e7f0cd8db3ad24f1b0c429881d44251505
nbs-system · Sep 24, 2020 · d39bcf9 · d39bcf9
1 parent 1e19fcd
commit d39bcf9
Show file tree

Hide file tree

Showing 11 changed files with 879 additions and 485 deletions.
diff --git a/naxsi_src/ext/libinjection/COPYING b/naxsi_src/ext/libinjection/COPYING
@@ -0,0 +1,32 @@
+Copyright (c) 2012-2016, Nick Galbreath
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+https://github.com/client9/libinjection
+http://opensource.org/licenses/BSD-3-Clause
diff --git a/naxsi_src/ext/libinjection/fptool.c b/naxsi_src/ext/libinjection/fptool.c
@@ -50,7 +50,7 @@ int main(int argc, const char* argv[])
 
     if (single) {
         libinjection_sqli_fingerprint(&sf, FLAG_QUOTE_NONE | FLAG_SQL_ANSI);
-        ok = libinjection_sqli_check_fingerprint(&sf);
+        libinjection_sqli_check_fingerprint(&sf);
         fprintf(stdout, "%s\n", sf.fingerprint);
         return 0;
     }

diff --git a/naxsi_src/ext/libinjection/libinjection.h b/naxsi_src/ext/libinjection/libinjection.h
@@ -1,14 +1,14 @@
 /**
- * Copyright 2012, 2013 Nick Galbreath
+ * Copyright 2012-2016 Nick Galbreath
  * [email protected]
  * BSD License -- see COPYING.txt for details
  *
  * https://libinjection.client9.com/
  *
  */
 
-#ifndef _LIBINJECTION_H
-#define _LIBINJECTION_H
+#ifndef LIBINJECTION_H
+#define LIBINJECTION_H
 
 #ifdef __cplusplus
 # define LIBINJECTION_BEGIN_DECLS    extern "C" {
@@ -47,19 +47,19 @@ const char* libinjection_version(void);
  * \param[out] fingerprint buffer of 8+ characters.  c-string,
  * \return 1 if SQLi, 0 if benign.  fingerprint will be set or set to empty string.
  */
-int libinjection_sqli(const char* s, size_t slen, char fingerprint[]);
+int libinjection_sqli(const char* input, size_t slen, char fingerprint[]);
 
-/** ALPHA version of xss detector. 
+/** ALPHA version of xss detector.
  *
- * NOT DONE. 
+ * NOT DONE.
  *
  * \param[in] s  input string, may contain nulls, does not need to be null-terminated
  * \param[in] slen input string length
  * \return 1 if XSS found, 0 if benign
  *
  */
-int libinjection_xss(const char* s, size_t slen);
+int libinjection_xss(const char* s, size_t len);
 
 LIBINJECTION_END_DECLS
 
-#endif /* _LIBINJECTION_H */
+#endif /* LIBINJECTION_H */
diff --git a/naxsi_src/ext/libinjection/libinjection_html5.c b/naxsi_src/ext/libinjection/libinjection_html5.c
@@ -29,7 +29,7 @@
 /* prototypes */
 
 static int h5_skip_white(h5_state_t* hs);
-static int h5_is_white(char c);
+static int h5_is_white(char ch);
 static int h5_state_eof(h5_state_t* hs);
 static int h5_state_data(h5_state_t* hs);
 static int h5_state_tag_open(h5_state_t* hs);
@@ -106,9 +106,9 @@ int libinjection_h5_next(h5_state_t* hs)
 static int h5_is_white(char ch)
 {
     /*
-     * \t = htab = 0x09
+     * \t = horizontal tab = 0x09
      * \n = newline = 0x0A
-     * \v = vtab = 0x0B
+     * \v = vertical tab = 0x0B
      * \f = form feed = 0x0C
      * \r = cr  = 0x0D
      */
@@ -180,6 +180,9 @@ static int h5_state_tag_open(h5_state_t* hs)
     char ch;
 
     TRACE();
+    if (hs->pos >= hs->len) {
+        return 0;
+    }
     ch = hs->s[hs->pos];
     if (ch == CHAR_BANG) {
         hs->pos += 1;
@@ -458,7 +461,7 @@ static int h5_state_attribute_value_quote(h5_state_t* hs, char qchar)
     TRACE();
 
     /* skip initial quote in normal case.
-     * dont do this is pos == 0 since it means we have started
+     * don't do this "if (pos == 0)" since it means we have started
      * in a non-data state.  given an input of '><foo
      * we want to make 0-length attribute name
      */