damien
/
gfsecret
2
1
Fork 0
Code Issues Pull Requests Releases 4 Wiki Activity
Browse Source

Correctly detect missing parameter value. 

When parsing URI parameters, the following case was not detected:

  ?param1&param2=value

The absence of a value for param1 was missed because the code would look
for the '=' character in the next parameter (as if there was a single
parameter named 'param1&param2').

Fix that by checking that the '=' delimiter comes before the next '&'
delimiter, if any.
master
Damien Goutte-Gattat 10 months ago
parent
83b05346bc
commit
17b8d7fd1d
2 changed files with 9 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      src/secretcfg.c
  2. 4
      tests/t-parseuri.c

9
src/secretcfg.c
Unescape View File

@ -201,11 +201,12 @@ parse_parameter(const char **uri, gfsec_share_t *share)
if ( **uri == '\0' )
return 0; /* Silently ignore terminal delimiter. */
if ( ! (eq = strchr(*uri, '=')) )
return GFSEC_ERR_CONFIG_INVALID_URI;
amp = strchrnul(*uri, '&');
if ( ! (eq = strchr(*uri, '=')) || amp < eq )
return GFSEC_ERR_CONFIG_INVALID_URI; /* Missing value. */
if ( strncmp(*uri, "share", eq - *uri) == 0 ) {
amp = strchrnul(++eq, '&');
eq += 1;
if ( strncmp(eq, "no", amp - eq) == 0 )
share->number = GFSEC_SHARE_NUMBER_FULL;
else if ( strncmp(eq, "full", amp - eq) == 0 )
@ -215,7 +216,7 @@ parse_parameter(const char **uri, gfsec_share_t *share)
*uri = amp;
}
else if ( strncmp(*uri, "sha256", eq - *uri) == 0 ) {
amp = strchrnul(++eq, '&');
eq += 1;
rc = parse_sha256(eq, amp - eq, &(share->hash));
*uri = amp;
}

4
tests/t-parseuri.c
Unescape View File

@ -69,11 +69,15 @@ struct test tests[] = {
/* Several parameters. */
{ "file:///path/to/share.123?param1=val1&param2=val2&param3=val3",
0, GFSEC_SCHEME_FILE, "", "/path/to/share.123", 123, 0 },
{ "file:///path/to/share.123?param1=val&share=no&param3=val3",
0, GFSEC_SCHEME_FILE, "", "/path/to/share.123", 0, 1 },
/* Parameter with no value. */
{ "file:///path/to/share.123?param", GFSEC_ERR_CONFIG_INVALID_URI },
{ "file:///path/to/share.123?param1=val1&param2",
GFSEC_ERR_CONFIG_INVALID_URI },
{ "file:///path/to/share.123?param1=val1&param2&param3=val",
GFSEC_ERR_CONFIG_INVALID_URI },
/* Parameter with empty value. */
{ "file:///path/to/share.123?param=",

Write Preview
Loading…
Cancel
Save