parse_proxy: bail out on zero-length proxy names! (ecc93caa) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

lib/url.c

+10 −1

Original line number	Diff line number	Diff line
		@@ -4271,11 +4271,20 @@ static CURLcode parse_proxy(struct SessionHandle *data,
		conn->port = strtol(prox_portno, NULL, 10);
		}
		else {
		if(proxyptr[0]=='/') {
		/* If the first character in the proxy string is a slash, fail
		immediately. The following code will otherwise clear the string which
		will lead to code running as if no proxy was set! */
		free(proxy); /* free the former proxy string */
		return CURLE_COULDNT_RESOLVE_PROXY;
		}

		/* without a port number after the host name, some people seem to use
		a slash so we strip everything from the first slash */
		atsign = strchr(proxyptr, '/');
		if(atsign)
		if(atsign) {
		atsign = 0x0; / cut off path part from host name */
		}

		if(data->set.proxyport)
		/* None given in the proxy string, then get the default one if it is

+1 −1

Original line number	Diff line number	Diff line
		@@ -82,7 +82,7 @@ test1220 \
		test1300 test1301 test1302 test1303 test1304 test1305 \
		test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \
		test1314 test1315 test1316 test1317 test1318 test1319 test1320 test1321 \
		test1322 test1323 test1324 test1325 test1326 test1327 test1328 \
		test1322 test1323 test1324 test1325 test1326 test1327 test1328 test1329 \
		test2000 test2001 test2002 test2003 test2004

		EXTRA_DIST = $(TESTCASES) DISABLED

0 → 100644

+30 −0

Original line number	Diff line number	Diff line
		<testcase>
		<info>
		<keywords>
		HTTP proxy
		</keywords>
		</info>

		#
		# Client-side
		<client>
		<server>
		http
		</server>
		<name>
		/-prefixed proxy name
		</name>
		<command>
		http://%HOSTIP:%HTTPPORT/we/want/that/page/1329 -x "/server"
		</command>
		</client>

		#
		# Verify data after the test has been "shot"
		<verify>
		# 5 == CURLE_COULDNT_RESOLVE_PROXY
		<errorcode>
		5
		</errorcode>
		</verify>
		</testcase>