diff options
Diffstat (limited to 'libs/libcurl/src/dotdot.c')
| -rw-r--r-- | libs/libcurl/src/dotdot.c | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/libs/libcurl/src/dotdot.c b/libs/libcurl/src/dotdot.c index 41b73bef41..cbb308d785 100644 --- a/libs/libcurl/src/dotdot.c +++ b/libs/libcurl/src/dotdot.c @@ -5,11 +5,11 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms - * are also available at http://curl.haxx.se/docs/copyright.html. + * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is @@ -22,19 +22,22 @@ #include "curl_setup.h" -#include "dotdot.h" +#include <curl/curl.h> +#include "dotdot.h" #include "curl_memory.h" + /* The last #include file should be: */ #include "memdebug.h" /* * "Remove Dot Segments" - * http://tools.ietf.org/html/rfc3986#section-5.2.4 + * https://tools.ietf.org/html/rfc3986#section-5.2.4 */ /* * Curl_dedotdotify() + * @unittest: 1395 * * This function gets a zero-terminated path with dot and dotdot sequences * passed in and strips them off according to the rules in RFC 3986 section @@ -47,12 +50,12 @@ * * an allocated dedotdotified output string */ -char *Curl_dedotdotify(char *input) +char *Curl_dedotdotify(const char *input) { size_t inlen = strlen(input); char *clone; size_t clen = inlen; /* the length of the cloned input */ - char *out = malloc(inlen+1); + char *out = malloc(inlen + 1); char *outptr; char *orgclone; char *queryp; @@ -68,6 +71,12 @@ char *Curl_dedotdotify(char *input) orgclone = clone; outptr = out; + if(!*clone) { + /* zero length string, return that */ + free(out); + return clone; + } + /* * To handle query-parts properly, we must find it and remove it during the * dotdot-operation and then append it again at the end to the output @@ -83,25 +92,25 @@ char *Curl_dedotdotify(char *input) remove that prefix from the input buffer; otherwise, */ if(!strncmp("./", clone, 2)) { - clone+=2; - clen-=2; + clone += 2; + clen -= 2; } else if(!strncmp("../", clone, 3)) { - clone+=3; - clen-=3; + clone += 3; + clen -= 3; } /* B. if the input buffer begins with a prefix of "/./" or "/.", where "." is a complete path segment, then replace that prefix with "/" in the input buffer; otherwise, */ else if(!strncmp("/./", clone, 3)) { - clone+=2; - clen-=2; + clone += 2; + clen -= 2; } else if(!strcmp("/.", clone)) { clone[1]='/'; clone++; - clen-=1; + clen -= 1; } /* C. if the input buffer begins with a prefix of "/../" or "/..", where @@ -110,8 +119,8 @@ char *Curl_dedotdotify(char *input) any) from the output buffer; otherwise, */ else if(!strncmp("/../", clone, 4)) { - clone+=3; - clen-=3; + clone += 3; + clen -= 3; /* remove the last segment from the output buffer */ while(outptr > out) { outptr--; @@ -122,8 +131,8 @@ char *Curl_dedotdotify(char *input) } else if(!strcmp("/..", clone)) { clone[2]='/'; - clone+=2; - clen-=2; + clone += 2; + clen -= 2; /* remove the last segment from the output buffer */ while(outptr > out) { outptr--; @@ -137,7 +146,8 @@ char *Curl_dedotdotify(char *input) that from the input buffer; otherwise, */ else if(!strcmp(".", clone) || !strcmp("..", clone)) { - *clone=0; + *clone = 0; + *out = 0; } else { @@ -162,7 +172,7 @@ char *Curl_dedotdotify(char *input) from the correct index. */ size_t oindex = queryp - orgclone; qlen = strlen(&input[oindex]); - memcpy(outptr, &input[oindex], qlen+1); /* include the ending zero byte */ + memcpy(outptr, &input[oindex], qlen + 1); /* include the end zero byte */ } free(orgclone); |