Author: emaste
Date: Wed Feb  5 16:55:00 2020
New Revision: 357579
URL: https://svnweb.freebsd.org/changeset/base/357579

Log:
  libfetch: disallow invalid escape sequences
  
  Per RFC1738 escape is "% hex hex"; other sequences do not form a valid URL.
  
  Suggested by: Matthew Dillon
  Reviewed by:  Matthew Dillon
  MFC after:    1 week

Modified:
  head/lib/libfetch/fetch.c

Modified: head/lib/libfetch/fetch.c
==============================================================================
--- head/lib/libfetch/fetch.c   Wed Feb  5 16:54:16 2020        (r357578)
+++ head/lib/libfetch/fetch.c   Wed Feb  5 16:55:00 2020        (r357579)
@@ -327,6 +327,9 @@ fetch_pctdecode(char *dst, const char *src, size_t dle
                    (d2 = fetch_hexval(s[2])) >= 0 && (d1 > 0 || d2 > 0)) {
                        c = d1 << 4 | d2;
                        s += 2;
+               } else if (s[0] == '%') {
+                       /* Invalid escape sequence. */
+                       return (NULL);
                } else {
                        c = *s;
                }
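Review bot: The new `else if (s[0] == '%')` branch also rejects `%00`, because the preceding condition requires `(d1 > 0 || d2 > 0)`, yet the comment says only "Invalid escape sequence" and the log cites the RFC1738 "% hex hex" form, which `%00` satisfies. Suggest widening the comment to something like "Invalid escape sequence, or %00" so the NUL rejection reads as intentional. Since a malformed escape that previously fell through to `c = *s` and was copied as a literal `%` now makes the function return NULL, it is also worth confirming that every caller of fetch_pctdecode checks for a NULL return.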