From 01e62e9baaf5860f0b9dee39e985a89333c0a854 Mon Sep 17 00:00:00 2001
From: Jesse Luehrs <doy@tozt.net>
Date: Sat, 13 Apr 2019 04:30:50 -0400
Subject: adjust the signature of create_query_string a bit

---
 src/http.rs   | 14 +++++++-------
 tests/set2.rs |  8 ++++----
 tests/set4.rs |  6 +++---
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/http.rs b/src/http.rs
index 10b0eca..359502f 100644
--- a/src/http.rs
+++ b/src/http.rs
@@ -25,7 +25,7 @@ pub fn parse_query_string(string: &str) -> Option<HashMap<&str, &str>> {
     return Some(map);
 }
 
-pub fn create_query_string(params: HashMap<&str, &str>) -> String {
+pub fn create_query_string(params: &HashMap<&str, String>) -> String {
     fn escape(s: &str) -> String {
         s.replace("%", "%25")
             .replace("&", "%26")
@@ -57,10 +57,10 @@ fn test_parse_query_string() {
 #[test]
 fn test_create_query_string() {
     let mut params = HashMap::new();
-    params.insert("foo", "bar");
-    params.insert("baz", "qux");
-    params.insert("zap", "zazzle");
-    let got = create_query_string(params);
+    params.insert("foo", "bar".to_string());
+    params.insert("baz", "qux".to_string());
+    params.insert("zap", "zazzle".to_string());
+    let got = create_query_string(&params);
     let expected1 = "foo=bar&baz=qux&zap=zazzle";
     let expected2 = "foo=bar&zap=zazzle&baz=qux";
     let expected3 = "baz=qux&foo=bar&zap=zazzle";
@@ -82,8 +82,8 @@ fn test_create_query_string() {
 #[test]
 fn test_create_query_string_malicious() {
     let mut params = HashMap::new();
-    params.insert("email", "foo@bar.com&role=admin");
-    let got = create_query_string(params);
+    params.insert("email", "foo@bar.com&role=admin".to_string());
+    let got = create_query_string(&params);
     let expected = "email=foo@bar.com%26role%3Dadmin";
     assert_eq!(got, expected);
 }
diff --git a/tests/set2.rs b/tests/set2.rs
index 04614de..a77cf7a 100644
--- a/tests/set2.rs
+++ b/tests/set2.rs
@@ -99,10 +99,10 @@ fn problem_12() {
 fn problem_13() {
     fn profile_for(email: &str) -> String {
         let mut params = HashMap::new();
-        params.insert("email", email);
-        params.insert("uid", "10");
-        params.insert("role", "user");
-        return matasano::create_query_string(params);
+        params.insert("email", email.to_string());
+        params.insert("uid", "10".to_string());
+        params.insert("role", "user".to_string());
+        return matasano::create_query_string(&params);
     }
 
     let key = util::random_aes_128_key();
diff --git a/tests/set4.rs b/tests/set4.rs
index 5095b6a..89581e2 100644
--- a/tests/set4.rs
+++ b/tests/set4.rs
@@ -215,12 +215,12 @@ fn problem_31() {
     let file = "filename.txt";
     let got = matasano::crack_hmac_timing(file, |guess| {
         let mut params = std::collections::HashMap::new();
-        params.insert("file", file);
-        params.insert("signature", guess);
+        params.insert("file", file.to_string());
+        params.insert("signature", guess.to_string());
         let res = reqwest::get(&format!(
             "{}{}",
             "http://localhost:9000/?",
-            matasano::create_query_string(params)
+            matasano::create_query_string(&params)
         ))
         .unwrap();
         let status = res.status();
-- 
cgit v1.2.3