diff options
| author | Jesse Luehrs <doy@tozt.net> | 2015-03-20 09:59:48 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2015-03-20 09:59:48 -0400 |
| commit | 1b809825ec0b5e4ef0fed2776d410e1d79e7a7e8 (patch) | |
| tree | 4883cc52e21ba2cdfa4bc20168f0c4537f810a0c | |
| parent | 1d465be4f8f3998c0ae315177456e5b4b86e13b8 (diff) | |
| download | matasano-1b809825ec0b5e4ef0fed2776d410e1d79e7a7e8.tar.gz matasano-1b809825ec0b5e4ef0fed2776d410e1d79e7a7e8.zip | |
don't panic if we can't parse the query string
the query string comes from external input, so it should be more robust
| -rw-r--r-- | src/http.rs | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/src/http.rs b/src/http.rs index 2763636..9096298 100644 --- a/src/http.rs +++ b/src/http.rs @@ -1,27 +1,28 @@ use std::collections::HashMap; -pub fn parse_query_string (string: &str) -> HashMap<&str, &str> { +pub fn parse_query_string (string: &str) -> Option<HashMap<&str, &str>> { let mut map = HashMap::new(); let mut offset = 0; let len = string.as_bytes().len(); while offset < len { let key_start = offset; - let key_end = key_start + string[key_start..] - .find('=') - .unwrap_or_else(|| { - panic!("couldn't parse query string '{:?}'", string) - }); - let key = &string[key_start..key_end]; - let value_start = key_end + 1; - let value_end = value_start + string[value_start..] - .find('&') - .unwrap_or_else(|| string[value_start..].as_bytes().len()); - let value = &string[value_start..value_end]; - map.insert(key, value); - offset = value_end + 1; + if let Some(found) = string[key_start..].find('=') { + let key_end = key_start + found; + let key = &string[key_start..key_end]; + let value_start = key_end + 1; + let value_end = value_start + string[value_start..] + .find('&') + .unwrap_or_else(|| string[value_start..].as_bytes().len()); + let value = &string[value_start..value_end]; + map.insert(key, value); + offset = value_end + 1; + } + else { + return None; + } } - return map; + return Some(map); } pub fn create_query_string (params: HashMap<&str, &str>) -> String { @@ -46,7 +47,9 @@ fn test_parse_query_string () { expected.insert("foo", "bar"); expected.insert("baz", "qux"); expected.insert("zap", "zazzle"); - assert_eq!(got, expected); + assert_eq!(got, Some(expected)); + + assert_eq!(parse_query_string("foo=bar&baz=qux&zapzazzle"), None); } #[test] |