c_escape: escape '?' in generated --libcurl code

In order to avoid the risk of it being used in an accidental trigraph in
the generated code.

Reported-by: Harry Sintonen
Bug: https://hackerone.com/reports/1548535
Closes #8742

diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index 6d763ab9443ffb5a44884a2b9ae449606f4cc3b6..0b83ff8e46544c2cda8af248e1b820a184b99435 100644 (file)
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -273,6 +273,12 @@ static char *c_escape(const char *str, curl_off_t len)
       strcpy(e, "\\\"");
       e += 2;
     }
+    else if(c == '?') {
+      /* escape question marks as well, to prevent generating accidental
+         trigraphs */
+      strcpy(e, "\\?");
+      e += 2;
+    }
     else if(!isprint(c)) {
       msnprintf(e, 5, "\\x%02x", (unsigned)c);
       e += 4;

diff --git a/tests/data/test1403 b/tests/data/test1403
index f86f0111ca7c9ce89ef57fd00ba8e2ab1b8ec954..46bd63dceb718d0bdc73a6052526ea8f0c331222 100644 (file)
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -69,7 +69,7 @@ int main(int argc, char *argv[])
 
   hnd = curl_easy_init();
   curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER?foo=bar&baz=quux");
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER\?foo=bar&baz=quux");
   curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
   curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
   curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);