Curl_follow: extract the Location: header field unvalidated

... when not actually following the redirect. Otherwise we return error for this and an application can't extract the value. Test 1518 added to verify. Reported-by: Pavel Pavlov Fixes #3340 Closes #3364
author: Daniel Stenberg <daniel@haxx.se> 2018-12-11 16:08:51 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2018-12-12 07:58:47 +0100
commit: 435402cfe3f6e50b08e344211878d800184b5eb8 (patch)
tree: e4ceb2ca5ba9d6d36821686e10d6eabd2370fbdc /lib
parent: ecb2e194d45c92e430bcf133fcee85a8a336cfcb (diff)
1 files changed, 15 insertions, 5 deletions
diff --git a/lib/transfer.c b/lib/transfer.c
index 5b1af4ebe..6390821bb 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1534,12 +1534,22 @@ CURLcode Curl_follow(struct Curl_easy *data,
   DEBUGASSERT(data->state.uh);
   uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl,
                     (type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME : 0);
-  if(uc)
-    return Curl_uc_to_curlcode(uc);
+  if(uc) {
+    if(type != FOLLOW_FAKE)
+      return Curl_uc_to_curlcode(uc);
+
+    /* the URL could not be parsed for some reason, but since this is FAKE
+       mode, just duplicate the field as-is */
+    newurl = strdup(newurl);
+    if(!newurl)
+      return CURLE_OUT_OF_MEMORY;
+  }
+  else {
 
-  uc = curl_url_get(data->state.uh, CURLUPART_URL, &newurl, 0);
-  if(uc)
-    return Curl_uc_to_curlcode(uc);
+    uc = curl_url_get(data->state.uh, CURLUPART_URL, &newurl, 0);
+    if(uc)
+      return Curl_uc_to_curlcode(uc);
+  }
 
   if(type == FOLLOW_FAKE) {
     /* we're only figuring out the new url if we would've followed locations
author	Daniel Stenberg <daniel@haxx.se>	2018-12-11 16:08:51 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2018-12-12 07:58:47 +0100
commit	435402cfe3f6e50b08e344211878d800184b5eb8 (patch)
tree	e4ceb2ca5ba9d6d36821686e10d6eabd2370fbdc /lib
parent	ecb2e194d45c92e430bcf133fcee85a8a336cfcb (diff)