Bug 3183: Invalid URL accepted with url host part of only '@'.

3.0 results in an ICAP segfault handling these URLs.

Newer releases do not segfault as easily, but still accept the invalid
URL and there may be other unknown side-effects.

Makes the URL parser present ERR_INVALID_URL for this edge case.

diff --git a/src/url.cc b/src/url.cc
index 2f69f9a8360a0858f1f83594f5a1bd125bdecce9..8300578a885cf47d81f65be9deee1acea8538c7b 100644 (file)
--- a/src/url.cc
+++ b/src/url.cc
@@ -325,6 +325,12 @@ urlParse(const HttpRequestMethod& method, char *url, HttpRequest *request)
             }
         }
 
+        // Bug 3183 sanity check: If scheme is present, host must be too.
+        if (protocol != AnyP::PROTO_NONE && (host == NULL || *host == '\0')) {
+            debugs(23, DBG_IMPORTANT, "SECURITY WARNING: Missing hostname in URL '" << url << "'. see access.log for details.");
+            return NULL;
+        }
+
         if (t && *t == ':') {
             *t = '\0';
             t++;