adjust the signature of create_query_string a bit

author: Jesse Luehrs <doy@tozt.net> 2019-04-13 04:30:50 -0400
committer: Jesse Luehrs <doy@tozt.net> 2019-04-13 04:30:50 -0400
commit: 01e62e9baaf5860f0b9dee39e985a89333c0a854 (patch)
tree: 1305097c8943d56edfc7cf9a06016a30fb1ce195
parent: c48a2b579673d4f4034bb7275165b72077e60fbd (diff)
download: matasano-01e62e9baaf5860f0b9dee39e985a89333c0a854.tar.gz
matasano-01e62e9baaf5860f0b9dee39e985a89333c0a854.zip
3 files changed, 14 insertions, 14 deletions
diff --git a/src/http.rs b/src/http.rs
index 10b0eca..359502f 100644
--- a/src/http.rs
+++ b/src/http.rs
@@ -25,7 +25,7 @@ pub fn parse_query_string(string: &str) -> Option<HashMap<&str, &str>> {
     return Some(map);
 }
 
-pub fn create_query_string(params: HashMap<&str, &str>) -> String {
+pub fn create_query_string(params: &HashMap<&str, String>) -> String {
     fn escape(s: &str) -> String {
         s.replace("%", "%25")
             .replace("&", "%26")
@@ -57,10 +57,10 @@ fn test_parse_query_string() {
 #[test]
 fn test_create_query_string() {
     let mut params = HashMap::new();
-    params.insert("foo", "bar");
-    params.insert("baz", "qux");
-    params.insert("zap", "zazzle");
-    let got = create_query_string(params);
+    params.insert("foo", "bar".to_string());
+    params.insert("baz", "qux".to_string());
+    params.insert("zap", "zazzle".to_string());
+    let got = create_query_string(&params);
     let expected1 = "foo=bar&baz=qux&zap=zazzle";
     let expected2 = "foo=bar&zap=zazzle&baz=qux";
     let expected3 = "baz=qux&foo=bar&zap=zazzle";
@@ -82,8 +82,8 @@ fn test_create_query_string() {
 #[test]
 fn test_create_query_string_malicious() {
     let mut params = HashMap::new();
-    params.insert("email", "foo@bar.com&role=admin");
-    let got = create_query_string(params);
+    params.insert("email", "foo@bar.com&role=admin".to_string());
+    let got = create_query_string(&params);
     let expected = "email=foo@bar.com%26role%3Dadmin";
     assert_eq!(got, expected);
 }
diff --git a/tests/set2.rs b/tests/set2.rs
index 04614de..a77cf7a 100644
--- a/tests/set2.rs
+++ b/tests/set2.rs
@@ -99,10 +99,10 @@ fn problem_12() {
 fn problem_13() {
     fn profile_for(email: &str) -> String {
         let mut params = HashMap::new();
-        params.insert("email", email);
-        params.insert("uid", "10");
-        params.insert("role", "user");
-        return matasano::create_query_string(params);
+        params.insert("email", email.to_string());
+        params.insert("uid", "10".to_string());
+        params.insert("role", "user".to_string());
+        return matasano::create_query_string(&params);
     }
 
     let key = util::random_aes_128_key();
diff --git a/tests/set4.rs b/tests/set4.rs
index 5095b6a..89581e2 100644
--- a/tests/set4.rs
+++ b/tests/set4.rs
@@ -215,12 +215,12 @@ fn problem_31() {
     let file = "filename.txt";
     let got = matasano::crack_hmac_timing(file, |guess| {
         let mut params = std::collections::HashMap::new();
-        params.insert("file", file);
-        params.insert("signature", guess);
+        params.insert("file", file.to_string());
+        params.insert("signature", guess.to_string());
         let res = reqwest::get(&format!(
             "{}{}",
             "http://localhost:9000/?",
-            matasano::create_query_string(params)
+            matasano::create_query_string(&params)
         ))
         .unwrap();
         let status = res.status();
author	Jesse Luehrs <doy@tozt.net>	2019-04-13 04:30:50 -0400
committer	Jesse Luehrs <doy@tozt.net>	2019-04-13 04:30:50 -0400
commit	01e62e9baaf5860f0b9dee39e985a89333c0a854 (patch)
tree	1305097c8943d56edfc7cf9a06016a30fb1ce195
parent	c48a2b579673d4f4034bb7275165b72077e60fbd (diff)
download	matasano-01e62e9baaf5860f0b9dee39e985a89333c0a854.tar.gz matasano-01e62e9baaf5860f0b9dee39e985a89333c0a854.zip