Author: emaste Date: Wed Feb 5 16:55:00 2020 New Revision: 357579 URL: https://svnweb.freebsd.org/changeset/base/357579
Log: libfetch: disallow invalid escape sequences Per RFC1738 escape is "% hex hex"; other sequences do not form a valid URL. Suggested by: Matthew Dillon Reviewed by: Matthew Dillon MFC after: 1 week Modified: head/lib/libfetch/fetch.c Modified: head/lib/libfetch/fetch.c ============================================================================== --- head/lib/libfetch/fetch.c Wed Feb 5 16:54:16 2020 (r357578) +++ head/lib/libfetch/fetch.c Wed Feb 5 16:55:00 2020 (r357579) @@ -327,6 +327,9 @@ fetch_pctdecode(char *dst, const char *src, size_t dle (d2 = fetch_hexval(s[2])) >= 0 && (d1 > 0 || d2 > 0)) { c = d1 << 4 | d2; s += 2; + } else if (s[0] == '%') { + /* Invalid escape sequence. */ + return (NULL); } else { c = *s; } _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"