urlapi: respect CURLU_ALLOW_SPACE and CURLU_NO_AUTHORITY for redirects

author Emanuele Torre <torreemanuele6@gmail.com>

Thu, 18 May 2023 08:48:19 +0000 (10:48 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Thu, 18 May 2023 18:52:59 +0000 (20:52 +0200)
author Emanuele Torre <torreemanuele6@gmail.com>
Thu, 18 May 2023 08:48:19 +0000 (10:48 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Thu, 18 May 2023 18:52:59 +0000 (20:52 +0200)
diff --git a/lib/urlapi.c b/lib/urlapi.c

index b163db93fc4d640a2faeadfb1f28c4ec49319509..a7dbd8ee706acc1630b19d814d67f9bbfc6115aa 100644 (file)
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -617,7 +617,8 @@ static CURLUcode ipv6_parse(struct Curl_URL *u, char *hostname,
  }
  
  static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
-                                size_t hlen) /* length of hostname */
+                                size_t hlen, /* length of hostname */
+                                unsigned int flags)
  {
    size_t len;
    DEBUGASSERT(hostname);
@@ -627,8 +628,10 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
    else if(hostname[0] == '[')
      return ipv6_parse(u, hostname, hlen);
    else {
-    /* letters from the second string are not ok */
-    len = strcspn(hostname, " \r\n\t/:#?!@{}[]\\$\'\"^`*<>=;,+&()%");
+    static char bad_chars[] = " \r\n\t/:#?!@{}[]\\$\'\"^`*<>=;,+&()%";
+    len = strcspn(hostname, (flags & CURLU_ALLOW_SPACE)
+                            ? &bad_chars[1] /* space is allowed */
+                            : bad_chars);
      if(hlen != len)
        /* hostname with bad content */
        return CURLUE_BAD_HOSTNAME;
@@ -801,8 +804,9 @@ static CURLUcode parse_authority(struct Curl_URL *u,
      break;
    case HOST_NAME:
      result = urldecode_host(host);
-    if(!result)
-      result = hostname_check(u, Curl_dyn_ptr(host), Curl_dyn_len(host));
+    if(!result && !(flags & CURLU_NO_AUTHORITY))
+      result = hostname_check(u, Curl_dyn_ptr(host), Curl_dyn_len(host),
+                              flags);
      break;
    case HOST_ERROR:
      result = CURLUE_OUT_OF_MEMORY;
@@ -1888,7 +1892,7 @@ nomem:
          /* Skip hostname check, it's allowed to be empty. */
        }
        else {
-        if(!n || hostname_check(u, (char *)newp, n)) {
+        if(!n || hostname_check(u, (char *)newp, n, flags)) {
            free((char *)newp);
            return CURLUE_BAD_HOSTNAME;
          }
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c

index 8d7b4e966e99382a2585ff88f7133ea74d8e6274..e81575f43b2de24f75b4b41dc36c81187236dd0b 100644 (file)
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -984,6 +984,14 @@ static const struct redircase set_url_list[] = {
     "../newpage",
     "http://user:foo@example.com/newpage",
     0, 0, CURLUE_OK},
+  {"http://user:foo@example.com/path?query#frag",
+   "http://example org/",
+   "http://example org/",
+   0, CURLU_ALLOW_SPACE, CURLUE_OK},
+  {"http://user:foo@example.com/path?query#frag",
+   "http://?hi",
+   "http:///?hi",
+   0, CURLU_NO_AUTHORITY, CURLUE_OK},
    {NULL, NULL, NULL, 0, 0, CURLUE_OK}
  };
author	Emanuele Torre <torreemanuele6@gmail.com>
	Thu, 18 May 2023 08:48:19 +0000 (10:48 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 18 May 2023 18:52:59 +0000 (20:52 +0200)
lib/urlapi.c		patch \| blob \| blame \| history
tests/libtest/lib1560.c		patch \| blob \| blame \| history