aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Gustafsson <daniel@yesql.se>2018-12-11 15:02:19 +0100
committerDaniel Gustafsson <daniel@yesql.se>2018-12-11 15:02:19 +0100
commit63533cbde279ce91ed9e9c92d47b6297235d1d02 (patch)
tree5212a395bb3649fb24535c4eff2abd6c0305a4ed
parent552f0205e6901889a965fe679f4afeeeed7f4955 (diff)
urlapi: fix portnumber parsing for ipv6 zone index
An IPv6 URL which contains a zone index includes a '%%25<zode id>' string before the ending ']' bracket. The parsing logic wasn't set up to cope with the zone index however, resulting in a malformed url error being returned. Fix by breaking the parsing into two stages to correctly handle the zone index. Closes #3355 Closes #3319 Reported-by: tonystz on Github Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
-rw-r--r--lib/urlapi.c26
1 files changed, 20 insertions, 6 deletions
diff --git a/lib/urlapi.c b/lib/urlapi.c
index be9958cd8..21942ebad 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -490,16 +490,30 @@ static CURLUcode parse_hostname_login(struct Curl_URL *u,
static CURLUcode parse_port(struct Curl_URL *u, char *hostname)
{
- char *portptr;
+ char *portptr = NULL;
char endbracket;
int len;
- if((1 == sscanf(hostname, "[%*45[0123456789abcdefABCDEF:.%%]%c%n",
- &endbracket, &len)) &&
- (']' == endbracket)) {
+ /*
+ * Find the end of an IPv6 address, either on the ']' ending bracket or
+ * a percent-encoded zone index.
+ */
+ if(1 == sscanf(hostname, "[%*45[0123456789abcdefABCDEF:.]%c%n",
+ &endbracket, &len)) {
+ if(']' == endbracket)
+ portptr = &hostname[len];
+ else if('%' == endbracket) {
+ int zonelen = len;
+ if(1 == sscanf(hostname + zonelen, "25%*[^]]]%c%n", &endbracket, &len))
+ portptr = &hostname[--zonelen + len];
+ else
+ return CURLUE_MALFORMED_INPUT;
+ }
+ else
+ return CURLUE_MALFORMED_INPUT;
+
/* this is a RFC2732-style specified IP-address */
- portptr = &hostname[len];
- if(*portptr) {
+ if(portptr && *portptr) {
if(*portptr != ':')
return CURLUE_MALFORMED_INPUT;
}