[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 48/178: cookie: fix and optimize 2nd top level doma
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 48/178: cookie: fix and optimize 2nd top level domain name extraction |
|
Date: |
Wed, 23 May 2018 12:24:43 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 82dfdac5f797d2e906b94aef3f82b6a80353a575
Author: Patrick Monnerat <address@hidden>
AuthorDate: Wed Apr 4 15:28:28 2018 +0200
cookie: fix and optimize 2nd top level domain name extraction
This fixes a segfault occurring when a name of the (invalid) form
"domain..tld"
is processed.
test46 updated to cover this case.
Follow-up to commit c990ead.
Ref: https://github.com/curl/curl/pull/2440
---
lib/cookie.c | 17 +++++++----------
tests/data/test46 | 28 ++++++++++++++--------------
2 files changed, 21 insertions(+), 24 deletions(-)
diff --git a/lib/cookie.c b/lib/cookie.c
index 027fa0977..ec3b1bf9a 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -246,26 +246,23 @@ pathmatched:
static const char *get_top_domain(const char * const domain, size_t *outlen)
{
size_t len;
- const char *first, *last;
+ const char *first = NULL, *last;
if(!domain)
return NULL;
len = strlen(domain);
- first = memchr(domain, '.', len);
last = memrchr(domain, '.', len);
+ if(last) {
+ first = memrchr(domain, '.', (size_t) (last - domain));
+ if(first)
+ len -= (size_t) (++first - domain);
+ }
if(outlen)
*outlen = len;
- if(first == last)
- return domain;
-
- first = memrchr(domain, '.', (size_t)(last - domain - 1));
- if(outlen)
- *outlen = len - (size_t)(first - domain) - 1;
-
- return first + 1;
+ return first? first: domain;
}
/*
diff --git a/tests/data/test46 b/tests/data/test46
index e78aa72a3..a4bc9e4fa 100644
--- a/tests/data/test46
+++ b/tests/data/test46
@@ -33,7 +33,7 @@ This server reply is for testing cookies
http
</server>
<name>
-HTTP, get cookies and store in cookie jar
+HTTP with bad domain name, get cookies and store in cookie jar
</name>
# Explicitly set the time zone to a known good one, in case the user is
# using one of the 'right' zones that take into account leap seconds
@@ -42,7 +42,7 @@ HTTP, get cookies and store in cookie jar
TZ=GMT
</setenv>
<command>
-%HOSTIP:%HTTPPORT/want/46 -c log/jar46 -b log/injar46
+domain..tld:%HTTPPORT/want/46 --resolve domain..tld:%HTTPPORT:%HOSTIP -c
log/jar46 -b log/injar46
</command>
<file name="log/injar46">
# Netscape HTTP Cookie File
@@ -51,9 +51,9 @@ TZ=GMT
www.fake.come FALSE / FALSE 2022144953 cookiecliente si
www.loser.com FALSE / FALSE 2139150993 UID 99
-%HOSTIP FALSE / FALSE 1739150993 mooo indeed
-#HttpOnly_%HOSTIP FALSE /want FALSE 1739150993 mooo2 indeed2
-%HOSTIP FALSE /want FALSE 0 empty
+domain..tld FALSE / FALSE 1739150993 mooo indeed
+#HttpOnly_domain..tld FALSE /want FALSE 1739150993 mooo2 indeed2
+domain..tld FALSE /want FALSE 0 empty
</file>
</client>
@@ -64,7 +64,7 @@ www.loser.com FALSE / FALSE 2139150993 UID
99
</strip>
<protocol>
GET /want/46 HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
+Host: domain..tld:%HTTPPORT
Accept: */*
Cookie: empty=; mooo2=indeed2; mooo=indeed
@@ -74,14 +74,14 @@ Cookie: empty=; mooo2=indeed2; mooo=indeed
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
-%HOSTIP FALSE / FALSE 1739150993 mooo indeed
-#HttpOnly_%HOSTIP FALSE /want FALSE 1739150993 mooo2 indeed2
-%HOSTIP FALSE /want FALSE 0 empty
-%HOSTIP FALSE / FALSE 2054030187 ckyPersistent
permanent
-%HOSTIP FALSE / FALSE 0 ckySession temporary
-%HOSTIP FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ
GKNBDIFAAOFDPDAIEAKDIBKE
-%HOSTIP FALSE / FALSE 0 justaname
-%HOSTIP FALSE /want/ FALSE 0 simplyhuge
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
[...]
+domain..tld FALSE / FALSE 1739150993 mooo indeed
+#HttpOnly_domain..tld FALSE /want FALSE 1739150993 mooo2 indeed2
+domain..tld FALSE /want FALSE 0 empty
+domain..tld FALSE / FALSE 2054030187 ckyPersistent
permanent
+domain..tld FALSE / FALSE 0 ckySession temporary
+domain..tld FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ
GKNBDIFAAOFDPDAIEAKDIBKE
+domain..tld FALSE / FALSE 0 justaname
+domain..tld FALSE /want/ FALSE 0 simplyhuge
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
[...]
www.fake.come FALSE / FALSE 2022144953 cookiecliente si
www.loser.com FALSE / FALSE 2139150993 UID 99
</file>
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 57/178: RELEASE-NOTES: synced, (continued)
- [GNUnet-SVN] [gnurl] 57/178: RELEASE-NOTES: synced, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 54/178: build-openssl.bat: allow custom paths for VS and perl, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 50/178: tls: fix mbedTLS 2.7.0 build + handle sha256 failures, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 52/178: file: restore old behavior for file:////foo/bar URLs, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 69/178: travis: use trusty for coverage build, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 70/178: travis: bump to clang 6 and gcc 7, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 85/178: README.md: add backers and sponsors, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 55/178: winbuild: make the clean target work without build-type, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 44/178: cookies: when reading from a file, only remove_expired once, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 68/178: lib: silence null-dereference warnings, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 48/178: cookie: fix and optimize 2nd top level domain name extraction,
gnunet <=
- [GNUnet-SVN] [gnurl] 51/178: Revert "openssl: Don't add verify locations when verifypeer==0", gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 73/178: mailmap: add a monnerat fixup [ci skip], gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 64/178: build: cleanup to fix clang warnings/errors, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 56/178: build-openssl.bat: Refer to VS2017 as VC14.1 instead of VC15, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 116/178: strcpy_url: only %-encode values >= 0x80, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 105/178: curl_global_sslset: always provide available backends, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 86/178: winbuild: Support custom devel paths for each dependency, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 100/178: Revert "ftplistparser: keep state between invokes", gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 103/178: curl.1: clarify that options and URLs can be mixed, gnunet, 2018/05/23
- [GNUnet-SVN] [gnurl] 119/178: RELEASE-NOTES: synced, gnunet, 2018/05/23