author | Daniel Stenberg <daniel@haxx.se> | 2013-06-15 23:47:02 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2013-06-22 14:15:07 +0200 |
commit | 7877619f856a04af0519e92780b1d6674a8ff3f7 (patch) | |
tree | 6b1c1f0c5ef5761494be6d5d2851a6c196917898 /tests | |
parent | ec248b590df3ac2e6873ea9c7507eff8e5044825 (diff) | |
download | curl-7877619f856a04af0519e92780b1d6674a8ff3f7.tar.gz |
dotdot: introducing dot file path cleanup
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanying test
case in test 1395.
Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
Diffstat (limited to 'tests')
-rw-r--r-- | tests/data/Makefile.am | 2 | ||||
-rw-r--r-- | tests/data/test1231 | 61 | ||||
-rw-r--r-- | tests/data/test1395 | 26 | ||||
-rw-r--r-- | tests/unit/Makefile.inc | 5 | ||||
-rw-r--r-- | tests/unit/unit1395.c | 87 |
5 files changed, 179 insertions, 2 deletions
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index e96bc9ba1..ecfee4850 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -93,7 +93,7 @@ test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
 test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
 test1216 test1217 test1218 test1219 \
 test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 \
-test1228 test1229 test1230 \
+test1228 test1229 test1230 test1231 \
 \
 test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \
 test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \
diff --git a/tests/data/test1231 b/tests/data/test1231
new file mode 100644
index 000000000..16533a851
--- /dev/null
+++ b/tests/data/test1231
@@ -0,0 +1,61 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+dotdot removal
+</keywords>
+</info>
+
+#
+# Server-side
+<reply name="1">
+<data>
+HTTP/1.1 200 OK
+Content-Length: 6
+Connection: close
+
+-foo-
+</data>
+
+<data1>
+HTTP/1.1 200 OK
+Content-Length: 7
+Connection: close
+
+-cool-
+</data1>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP URL with dotdot removal from path
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/../../hej/but/who/../1231?stupid=me/../1231#soo/../1231 http://%HOSTIP:%HTTPPORT/../../hej/but/who/../12310001#/../12310001
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /hej/but/1231?stupid=me/../1231 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /hej/but/12310001 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1395 b/tests/data/test1395
new file mode 100644
index 000000000..967c8d492
--- /dev/null
+++ b/tests/data/test1395
@@ -0,0 +1,26 @@
+<testcase>
+<info>
+<keywords>
+unittest
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+unittest
+</features>
+ <name>
+Curl_dedotdotify
+ </name>
+<tool>
+unit1395
+</tool>
+
+</client>
+
+</testcase>
diff --git a/tests/unit/Makefile.inc b/tests/unit/Makefile.inc
index 4b3f903e3..4c06fcf86 100644
--- a/tests/unit/Makefile.inc
+++ b/tests/unit/Makefile.inc
@@ -6,7 +6,7 @@ UNITFILES = curlcheck.h \
 # These are all unit test programs
 UNITPROGS = unit1300 unit1301 unit1302 unit1303 unit1304 unit1305 unit1307 \
- unit1308 unit1309 unit1330 unit1394 unit1396
+ unit1308 unit1309 unit1330 unit1394 unit1395 unit1396
 unit1300_SOURCES = unit1300.c $(UNITFILES)
 unit1300_CPPFLAGS = $(AM_CPPFLAGS)
@@ -44,5 +44,8 @@ unit1394_LDADD = @LIBMETALINK_LIBS@ $(top_builddir)/lib/libcurl.la @LIBCURL_LIBS
 unit1394_LDFLAGS = @LIBMETALINK_LDFLAGS@ $(top_builddir)/src/libcurltool.la
 unit1394_LIBS =
+unit1395_SOURCES = unit1395.c $(UNITFILES)
+unit1395_CPPFLAGS = $(AM_CPPFLAGS)
+
 unit1396_SOURCES = unit1396.c $(UNITFILES)
 unit1396_CPPFLAGS = $(AM_CPPFLAGS)
diff --git a/tests/unit/unit1395.c b/tests/unit/unit1395.c
new file mode 100644
index 000000000..8b0b0a08a
--- /dev/null
+++ b/tests/unit/unit1395.c
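Review bot: Neither URL in the `<command>` of tests/data/test1231 contains a percent-encoded dot segment such as `%2e%2e/` or `.%2e/`, so the expected `<protocol>` block does not pin what the client sends for those. RFC 3986 section 6.2.2.2 treats `%2E` as equivalent to `.`, and a server that decodes before resolving the path would still see the parent reference. Whichever behaviour lib/dotdot.c has (it is not part of this tests-only view), a third URL with its expected request line would document it. A comment in the client block, for example `# only the path is cleaned; "/../" after "?" must reach the server unchanged`, would also make the intent of the existing URLs explicit.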
@@ -0,0 +1,87 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "curlcheck.h"
+
+#include "dotdot.h"
+
+#include "memdebug.h"
+
+static CURLcode unit_setup(void)
+{
+ return CURLE_OK;
+}
+
+static void unit_stop(void)
+{
+
+}
+
+struct dotdot {
+ const char *input;
+ const char *output;
+};
+
+UNITTEST_START
+
+ unsigned int i;
+ int fails=0;
+ struct dotdot pairs[] = {
+ { "/a/b/c/./../../g", "/a/g" },
+ { "mid/content=5/../6", "mid/6" },
+ { "/hello/../moo", "/moo" },
+ { "/1/../1", "/1" },
+ { "/1/./1", "/1/1" },
+ { "/1/..", "/" },
+ { "/1/.", "/1/" },
+ { "/1/./..", "/" },
+ { "/1/./../2", "/2" },
+ { "/hello/1/./../2", "/hello/2" },
+ { "test/this", "test/this" },
+ { "test/this/../now", "test/now" },
+ { "/1../moo../foo", "/1../moo../foo"},
+ { "/../../moo", "/moo"},
+ { "/../../moo?andnot/../yay", "/moo?andnot/../yay"},
+ { "/123?foo=/./&bar=/../", "/123?foo=/./&bar=/../"},
+ { "/../moo/..?what", "/?what" },
+ };
+
+ for(i=0; i < sizeof(pairs)/sizeof(pairs[0]); i++) {
+ char *out = Curl_dedotdotify((char *)pairs[i].input);
+
+ if(strcmp(out, pairs[i].output)) {
+ fprintf(stderr, "Test %d: '%s' gave '%s' 
instead of '%s'\n",
+ i, pairs[i].input, out, pairs[i].output);
+ fail("Test case output mismatched");
+ fails++;
+ }
+ else
+ fprintf(stderr, "Test %d: OK\n", i);
+ free(out);
+ }
+
+ return fails;
+
+UNITTEST_STOP
+
+
+
+
|
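Review bot: `out` goes straight into `strcmp()` in the loop of tests/unit/unit1395.c without a NULL check. lib/dotdot.c is outside this tests-only view, but the result is handed to `free()`, so Curl_dedotdotify presumably allocates and may return NULL when allocation fails; the test would then crash instead of reporting a failure. A guard before the comparison, `if(!out) { fail("Curl_dedotdotify returned NULL"); fails++; continue; }`, keeps the run reporting. Separately, `i` is `unsigned int` but both `fprintf` calls print it with `%d`, where `%u` matches the type. The table also has no entry for an empty string or a bare `.` / `..` input, which RFC 3986 section 5.2.4 handles as a step of its own.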