HTTP proxy: insert slash in URL if missing (e4b733e3) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

lib/url.c

+38 −0

Original line number	Diff line number	Diff line
		@@ -3663,6 +3663,7 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
		char protobuf[16];
		const char *protop;
		CURLcode result;
		bool fix_slash = FALSE;

		*prot_missing = FALSE;

		@@ -3809,12 +3810,14 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
		memcpy(path+1, query, hostlen);

		path[0]='/'; /* prepend the missing slash */
		fix_slash = TRUE;

		query=0; / now cut off the hostname at the ? */
		}
		else if(!path[0]) {
		/* if there's no path set, use a single slash */
		strcpy(path, "/");
		fix_slash = TRUE;
		}

		/* If the URL is malformatted (missing a '/' after hostname before path) we
		@@ -3827,6 +3830,41 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
		is bigger than the path. Use +1 to move the zero byte too. */
		memmove(&path[1], path, strlen(path)+1);
		path[0] = '/';
		fix_slash = TRUE;
		}


		/*
		* "fix_slash" means that the URL was malformatted so we need to generate an
		* updated version with the new slash inserted at the right place! We need
		* the corrected URL when communicating over HTTP proxy and we don't know at
		* this point if we're using a proxy or not.
		*/
		if(fix_slash) {
		char *reurl;

		size_t plen = strlen(path); /* new path, should be 1 byte longer than
		the original */
		size_t urllen = strlen(data->change.url); /* original URL length */

		reurl = malloc(urllen + 2); /* 2 for zerobyte + slash */
		if(!reurl)
		return CURLE_OUT_OF_MEMORY;

		/* copy the prefix */
		memcpy(reurl, data->change.url, urllen - (plen-1));

		/* append the trailing piece + zerobyte */
		memcpy(&reurl[urllen - (plen-1)], path, plen + 1);

		/* possible free the old one */
		if(data->change.url_alloc) {
		Curl_safefree(data->change.url);
		data->change.url_alloc = FALSE;
		}

		data->change.url = reurl;
		data->change.url_alloc = TRUE; /* free this later */
		}

		/*************************************************************

tests/FILEFORMAT

+4 −0

Original line number	Diff line number	Diff line
		@@ -250,6 +250,10 @@ If a CONNECT is used to the server (to emulate HTTPS etc over proxy), the port
		number given in the CONNECT request will be used to identify which test that
		is being run, if the proxy host name is said to start with 'test'.

		If there's no non-zero test number found in the above to places, the HTTP test
		server will use the number following the last dot in the given url so that
		"foo.bar.123" gets treated as test case 123.

		Set type="perl" to write the test case as a perl script. It implies that
		there's no memory debugging and valgrind gets shut off for this test.

tests/data/Makefile.am

+1 −1

Original line number	Diff line number	Diff line
		@@ -77,7 +77,7 @@ test1110 test1111 test1112 test1113 test1114 test1115 test1116 test1117 \
		test1118 test1119 test1120 test1121 test1122 test1123 test1124 test1125 \
		test1126 test1127 test1128 test1129 test1130 test1131 test1132 test1133 \
		test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
		test1208 test1209 test1210 test1211 test1212 \
		test1208 test1209 test1210 test1211 test1212 test1213 test1214 \
		test1220 test1221 test1222 test1223 \
		test1300 test1301 test1302 test1303 test1304 test1305 \
		test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \

tests/data/test1213

0 → 100644

+53 −0

Original line number	Diff line number	Diff line
		<testcase>
		<info>
		<keywords>
		HTTP
		HTTP GET
		HTTP proxy
		</keywords>
		</info>

		# Server-side
		<reply>
		<data>
		HTTP/1.1 200 OK
		Date: Thu, 09 Nov 2010 14:49:00 GMT
		Server: test-server/fake
		Content-Type: text/html
		Funny-head: yesyes
		Content-Length: 22

		the content goes here
		</data>
		</reply>

		# Client-side
		<client>
		<server>
		http
		</server>
		<name>
		HTTP with proxy and host-only URL
		</name>
		# the thing here is that this sloppy form is accepted and we convert it
		# for normal server use, and we need to make sure it gets converted to
		# RFC style even for proxies
		<command>
		-x %HOSTIP:%HTTPPORT we.want.that.site.com.1213
		</command>
		</client>

		# Verify data after the test has been "shot"
		<verify>
		<strip>
		^User-Agent:.*
		</strip>
		<protocol>
		GET HTTP://we.want.that.site.com.1213/ HTTP/1.1
		Host: we.want.that.site.com.1213
		Accept: /
		Proxy-Connection: Keep-Alive

		</protocol>
		</verify>
		</testcase>

tests/data/test1214

0 → 100644

+53 −0

Original line number	Diff line number	Diff line
		<testcase>
		<info>
		<keywords>
		HTTP
		HTTP GET
		HTTP proxy
		</keywords>
		</info>

		# Server-side
		<reply>
		<data>
		HTTP/1.1 200 OK
		Date: Thu, 09 Nov 2010 14:49:00 GMT
		Server: test-server/fake
		Content-Type: text/html
		Funny-head: yesyes
		Content-Length: 22

		the content goes here
		</data>
		</reply>

		# Client-side
		<client>
		<server>
		http
		</server>
		<name>
		HTTP with proxy and URL with ? and no slash separator
		</name>
		# the thing here is that this sloppy form is accepted and we convert it
		# for normal server use, and we need to make sure it gets converted to
		# RFC style even for proxies
		<command>
		-x %HOSTIP:%HTTPPORT http://we.want.that.site.com.1214?moo=foo
		</command>
		</client>

		# Verify data after the test has been "shot"
		<verify>
		<strip>
		^User-Agent:.*
		</strip>
		<protocol>
		GET http://we.want.that.site.com.1214/?moo=foo HTTP/1.1
		Host: we.want.that.site.com.1214
		Accept: /
		Proxy-Connection: Keep-Alive

		</protocol>
		</verify>
		</testcase>