From 5ca96cb84410270e233c92bf1b2583cba40c3fad Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 15 Aug 2013 13:05:25 +0200 Subject: urlglob: better detect unclosed braces, empty lists and overflows A rather big overhaul and cleanup. 1 - curl wouldn't properly detect and reject globbing that ended with an open brace if there were brackets or braces before it. Like "{}{" or "[0-1]{" 2 - curl wouldn't properly reject empty lists so that "{}{}" would result in curl getting (nil) strings in the output. 3 - By using strtoul() instead of sscanf() the code will now detected over and underflows. It now also better parses the step argument to only accept positive numbers and only step counters that is smaller than the delta between the maximum and minimum numbers. 4 - By switching to unsigned longs instead of signed ints for the counters, the max values for []-ranges are now very large (on 64bit machines). 5 - Bumped the maximum number of globs in a single URL to 100 (from 10) 6 - Simplified the code somewhat and now it stores fixed strings as single- entry lists. That's also one of the reasons why I did (5) as now all strings between "globs" will take a slot in the array. Added test 1234 and 1235 to verify. Updated test 87. This commit fixes three separate bug reports. Bug: http://curl.haxx.se/bug/view.cgi?id=1264 Bug: http://curl.haxx.se/bug/view.cgi?id=1265 Bug: http://curl.haxx.se/bug/view.cgi?id=1266 Reported-by: Will Dietz --- tests/data/test1235 | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 tests/data/test1235 (limited to 'tests/data/test1235') diff --git a/tests/data/test1235 b/tests/data/test1235 new file mode 100644 index 000000000..6c2a6a966 --- /dev/null +++ b/tests/data/test1235 @@ -0,0 +1,94 @@ + + + +HTTP +HTTP GET +{} list + + +# Server-side + + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + +the number one + + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + +two is nice too + + + +# Client-side + + +http + + +multiple requests using {}{} in the URL + + +"%HOSTIP:%HTTPPORT/{1235,1235}{0001,0002}" + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET /12350001 HTTP/1.1 +User-Agent: curl/7.8.1-pre3 (sparc-sun-solaris2.7) libcurl 7.8.1-pre3 (OpenSSL 0.9.6a) (krb4 enabled) +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /12350002 HTTP/1.1 +User-Agent: curl/7.8.1-pre3 (sparc-sun-solaris2.7) libcurl 7.8.1-pre3 (OpenSSL 0.9.6a) (krb4 enabled) +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /12350001 HTTP/1.1 +User-Agent: curl/7.8.1-pre3 (sparc-sun-solaris2.7) libcurl 7.8.1-pre3 (OpenSSL 0.9.6a) (krb4 enabled) +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /12350002 HTTP/1.1 +User-Agent: curl/7.8.1-pre3 (sparc-sun-solaris2.7) libcurl 7.8.1-pre3 (OpenSSL 0.9.6a) (krb4 enabled) +Host: %HOSTIP:%HTTPPORT +Accept: */* + + + +--_curl_--%HOSTIP:%HTTPPORT/12350001 +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + +the number one +--_curl_--%HOSTIP:%HTTPPORT/12350002 +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + +two is nice too +--_curl_--%HOSTIP:%HTTPPORT/12350001 +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + +the number one +--_curl_--%HOSTIP:%HTTPPORT/12350002 +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + +two is nice too + + + -- cgit v1.2.3