Commit ec08e2f9 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

Alex Fishman reported a curl_easy_escape() problem that was made the 

function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
signed / unsigned mistake in the code. I fixed it and added test case 543 to
verify.
parent 38dd0ede

CHANGES

+6 −0
Original line number Diff line number Diff line
@@ -6,6 +6,12 @@ 


                                  Changelog



Daniel S (1 October 2007)

- Alex Fishman reported a curl_easy_escape() problem that was made the

  function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a

  signed / unsigned mistake in the code. I fixed it and added test case 543 to

  verify.



Daniel S (29 September 2007)

- Immanuel Gregoire fixed a problem with persistent transfers over SFTP.

RELEASE-NOTES

+3 −2
Original line number Diff line number Diff line
@@ -27,7 +27,8 @@ This release includes the following bugfixes: 
 o --ftp-method nocwd on directory listings

 o FTP, CURLOPT_NOBODY enabled and CURLOPT_HEADER disabled now does TYPE

   before SIZE

 o persistent transfers over SFTP

 o re-used handle transfers with SFTP

 o curl_easy_escape() problem with byte values >= 128



This release includes the following known bugs:
@@ -45,6 +46,6 @@ This release would not have looked like this without help, code, reports and 
advice from friends like these:



 Dan Fandrich, Michal Marek, Gnter Knauf, Rob Crittenden, Immanuel Gregoire,

 Mark Davies, Max Katsev, Philip Langdale

 Mark Davies, Max Katsev, Philip Langdale, Alex Fishman

 

        Thanks! (and sorry if I forgot to mention someone)

lib/escape.c

+2 −2
Original line number Diff line number Diff line
@@ -5,7 +5,7 @@ 
 *                            | (__| |_| |  _ <| |___

 *                             \___|\___/|_| \_\_____|

 *

 * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.

 * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.

 *

 * This software is licensed as described in the file COPYING, which

 * you should have received as part of this distribution. The terms
@@ -59,7 +59,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength) 
  size_t alloc = (inlength?(size_t)inlength:strlen(string))+1;

  char *ns;

  char *testing_ptr = NULL;

  char in;

  unsigned char in; /* we need to treat the characters unsigned */

  size_t newlen = alloc;

  int strindex=0;

  size_t length;

tests/data/Makefile.am

+1 −1
Original line number Diff line number Diff line
@@ -44,4 +44,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \ 
 test409 test613 test614 test700 test701 test702 test704 test705 test703   \

 test706 test707 test350 test351 test352 test353 test289 test540 test354   \

 test231 test1000 test1001 test1002 test1003 test1004 test1005 test1006    \

 test615 test1007 test541 test1010 test1011 test1012
 
 test615 test1007 test541 test1010 test1011 test1012 test542 test543

tests/data/test543

0 → 100644
+35 −0
Original line number Diff line number Diff line 
<testcase>

<info>

<keywords>

curl_easy_escape

</keywords>

</info>

# Server-side



# Client-side

<client>

<server>

none

</server>

<tool>

lib543

</tool>

 <name>

curl_easy_escape

 </name>

 <command>

-

</command>



</client>



# Verify data after the test has been "shot"

#

# There's no MTDM in the protocol here since this code doesn't ask for the

# time/date of the file

<verify>

<stdout>

%9C%26K%3DI%04%A1%01%E0%D8%7C%20%B7%EFS%29%FA%1DW%E1

</stdout>

</verify>

</testcase>