From: Daniel Stenberg Date: Sun, 24 Apr 2022 22:29:22 +0000 (+0200) Subject: c_escape: escape '?' in generated --libcurl code X-Git-Tag: curl-7_83_0~21 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=60452236fa8fc28987946b0a3b38c8d51aebb4d1;p=thirdparty%2Fcurl.git c_escape: escape '?' in generated --libcurl code In order to avoid the risk of it being used in an accidental trigraph in the generated code. Reported-by: Harry Sintonen Bug: https://hackerone.com/reports/1548535 Closes #8742 --- diff --git a/src/tool_setopt.c b/src/tool_setopt.c index 6d763ab944..0b83ff8e46 100644 --- a/src/tool_setopt.c +++ b/src/tool_setopt.c @@ -273,6 +273,12 @@ static char *c_escape(const char *str, curl_off_t len) strcpy(e, "\\\""); e += 2; } + else if(c == '?') { + /* escape question marks as well, to prevent generating accidental + trigraphs */ + strcpy(e, "\\?"); + e += 2; + } else if(!isprint(c)) { msnprintf(e, 5, "\\x%02x", (unsigned)c); e += 4; diff --git a/tests/data/test1403 b/tests/data/test1403 index f86f0111ca..46bd63dceb 100644 --- a/tests/data/test1403 +++ b/tests/data/test1403 @@ -69,7 +69,7 @@ int main(int argc, char *argv[]) hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L); - curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER?foo=bar&baz=quux"); + curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER\?foo=bar&baz=quux"); curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped"); curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
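Review bot: The `!isprint(c)` branch directly after the new `'?'` case still writes an unconditional `\\x%02x`, and a C hex escape has no fixed length. If a non-printable byte is followed by a character that is itself a hex digit, the compiler would read both as one longer escape, so the generated literal would no longer match the original string. This is the same class of fidelity problem the commit fixes for trigraphs. A three-digit octal escape is bounded and keeps the four-character width the code already assumes: `msnprintf(e, 5, "\\%03o", (unsigned)c);`. The loop, the allocation behind `e` and the rest of c_escape lie outside the hunk, so I cannot confirm from here whether a guard for this already exists elsewhere.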