Fix potential buffer overrun that could occur if SRU charset name

[yaz-moved-to-github.git] / src / srwutil.c

diff --git a/src/srwutil.c b/src/srwutil.c
index 2c87b83..b115ffc 100644 (file)
--- a/src/srwutil.c
+++ b/src/srwutil.c
@@ -2,7 +2,7 @@
  * Copyright (C) 1995-2007, Index Data ApS
  * See the file LICENSE for details.
  *
- * $Id: srwutil.c,v 1.56 2007-05-06 20:12:20 adam Exp $
+ * $Id: srwutil.c,v 1.59 2007-05-24 10:18:36 adam Exp $
  */
 /**
  * \file srwutil.c
@@ -28,8 +28,9 @@ void encode_uri_char(char *dst, char ch)
 {
     if (ch == ' ')
         strcpy(dst, "+");
+    /*  mark        = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")" */
     else if ((ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z') ||
-        (ch >= '0' && ch <= '9'))
+             (ch >= '0' && ch <= '9') || strchr("-_.!~*'(|)", ch))
     {
         dst[0] = ch;
         dst[1] = '\0';
@@ -235,6 +236,20 @@ static int yaz_base64decode(const char *in, char *out)
     return olen;
 }
 
+int yaz_srw_check_content_type(Z_HTTP_Response *hres)
+{
+    const char *content_type = z_HTTP_header_lookup(hres->headers,
+                                                    "Content-Type");
+    if (content_type)
+    {
+        if (!yaz_strcmp_del("text/xml", content_type, "; "))
+            return 1;
+        if (!yaz_strcmp_del("application/xml", content_type, "; "))
+            return 1;
+    }
+    return 0;
+}
+
 /**
  * Look for authentication tokens in HTTP Basic parameters or in x-username/x-password
  * parameters. Added by SH.
@@ -1330,11 +1345,11 @@ const char *yaz_srw_pack_to_str(int pack)
 
 int yaz_srw_str_to_pack(const char *str)
 {
-    if (!strcmp(str, "string"))
+    if (!yaz_matchstr(str, "string"))
         return Z_SRW_recordPacking_string;
-    if (!strcmp(str, "xml"))
+    if (!yaz_matchstr(str, "xml"))
         return Z_SRW_recordPacking_XML;
-    if (!strcmp(str, "url"))
+    if (!yaz_matchstr(str, "url"))
         return Z_SRW_recordPacking_URL;
     return -1;
 }