From 4520534e6d5576f0647d03d6c573c5d7d45ccf6e Mon Sep 17 00:00:00 2001
From: Jay Satiro <raysatiro@yahoo.com>
Date: Fri, 5 Feb 2016 01:44:27 -0500
Subject: tool_doswin: Improve sanitization processing

- Add unit test 1604 to test the sanitize_file_name function.

- Use -DCURL_STATICLIB when building libcurltool for unit testing.

- Better detection of reserved DOS device names.

- New flags to modify sanitize behavior:

SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename

- Restore sanitization of banned characters from user-specified outfile.

Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.


Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
---
 src/tool_cb_hdr.c | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)

(limited to 'src/tool_cb_hdr.c')

diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index f86397a23..5be02aad2 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -115,24 +115,18 @@ size_t tool_header_cb(void *ptr, size_t size, size_t nmemb, void *userdata)
       */
       len = (ssize_t)cb - (p - str);
       filename = parse_filename(p, len);
-      if(!filename)
-        return failure;
-
-#if defined(MSDOS) || defined(WIN32)
-      if(sanitize_file_name(&filename)) {
-        free(filename);
-        return failure;
+      if(filename) {
+        outs->filename = filename;
+        outs->alloc_filename = TRUE;
+        outs->is_cd_filename = TRUE;
+        outs->s_isreg = TRUE;
+        outs->fopened = FALSE;
+        outs->stream = NULL;
+        hdrcbdata->honor_cd_filename = FALSE;
+        break;
       }
-#endif /* MSDOS || WIN32 */
-
-      outs->filename = filename;
-      outs->alloc_filename = TRUE;
-      outs->is_cd_filename = TRUE;
-      outs->s_isreg = TRUE;
-      outs->fopened = FALSE;
-      outs->stream = NULL;
-      hdrcbdata->honor_cd_filename = FALSE;
-      break;
+      else
+        return failure;
     }
   }
 
@@ -207,6 +201,17 @@ static char *parse_filename(const char *ptr, size_t len)
   if(copy != p)
     memmove(copy, p, strlen(p) + 1);
 
+#if defined(MSDOS) || defined(WIN32)
+  {
+    char *sanitized;
+    SANITIZEcode sc = sanitize_file_name(&sanitized, copy, 0);
+    Curl_safefree(copy);
+    if(sc)
+      return NULL;
+    copy = sanitized;
+  }
+#endif /* MSDOS || WIN32 */
+
   /* in case we built debug enabled, we allow an evironment variable
    * named CURL_TESTDIR to prefix the given file name to put it into a
    * specific directory
-- 
cgit v1.2.3