Bug 3183: Invalid URL accepted with url host part of only '@'.

3.0 results in an ICAP segfault handling these URLs.

Newer releases do not segfault as easily, but still accept the invalid
URL and there may be other unknown side-effects.

Makes the URL parser present ERR_INVALID_URL for this edge case.

diff --git a/src/url.cc b/src/url.cc
index 647d03b017fbae91bdb08669c313da08a697580f..e63cf5fce82c26d97b4a87cd4ca807b763d435f1 100644 (file)
--- a/src/url.cc
+++ b/src/url.cc
@@ -231,6 +231,12 @@ urlParse(method_t method, char *url, HttpRequest *request)
             if (*t != '\0')
                 port = atoi(t);
         }
+
+        // Bug 3183 sanity check: If scheme is present, host must be too.
+        if (protocol != PROTO_NONE && (host == NULL || *host == '\0')) {
+            debugs(23, DBG_IMPORTANT, "SECURITY WARNING: Missing hostname in URL '" << url << "'. see access.log for details.");
+            return NULL;
+        }
     }
 
     for (t = host; *t; t++)