projects / openwrt / svn-archive / archive.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
packages: clean up the package folder
[openwrt/svn-archive/archive.git] / package / utils / busybox / patches / 004-upstream-percent_decode_in_place.patch
1 http://git.busybox.net/busybox/commit/?id=dd1061b6a79b0161597799e825bfefc27993ace5
2
3 From dd1061b6a79b0161597799e825bfefc27993ace5 Mon Sep 17 00:00:00 2001
4 From: Denys Vlasenko <vda.linux@googlemail.com>
5 Date: Sun, 11 Sep 2011 21:04:02 +0200
6 Subject: [PATCH] wget: URL-decode user:password before base64-encoding it into auth hdr. Closes 3625.
7
8 function old new delta
9 percent_decode_in_place - 152 +152
10 parse_url 304 317 +13
11 handle_incoming_and_exit 2795 2798 +3
12 httpd_main 763 760 -3
13 decodeString 152 - -152
14 ------------------------------------------------------------------------------
15 (add/remove: 2/1 grow/shrink: 2/1 up/down: 168/-155) Total: 13 bytes
16
17 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
18
19 --- a/include/libbb.h
20 +++ b/include/libbb.h
21 @@ -1570,6 +1570,15 @@ int starts_with_cpu(const char *str) FAS
22 unsigned get_cpu_count(void) FAST_FUNC;
23
24
25 +/* Use strict=1 if you process input from untrusted source:
26 + * it will return NULL on invalid %xx (bad hex chars)
27 + * and str + 1 if decoded char is / or NUL.
28 + * In non-strict mode, it always succeeds (returns str),
29 + * and also it additionally decoded '+' to space.
30 + */
31 +char *percent_decode_in_place(char *str, int strict) FAST_FUNC;
32 +
33 +
34 extern const char bb_uuenc_tbl_base64[];
35 extern const char bb_uuenc_tbl_std[];
36 void bb_uuencode(char *store, const void *s, int length, const char *tbl) FAST_FUNC;
37 --- /dev/null
38 +++ b/libbb/percent_decode.c
39 @@ -0,0 +1,69 @@
40 +/* vi: set sw=4 ts=4: */
41 +/*
42 + * Licensed under GPLv2 or later, see file LICENSE in this source tree.
43 + */
44 +
45 +//kbuild:lib-y += percent_decode.o
46 +
47 +#include "libbb.h"
48 +
49 +static unsigned hex_to_bin(unsigned char c)
50 +{
51 + unsigned v;
52 +
53 + v = c - '0';
54 + if (v <= 9)
55 + return v;
56 + /* c | 0x20: letters to lower case, non-letters
57 + * to (potentially different) non-letters */
58 + v = (unsigned)(c | 0x20) - 'a';
59 + if (v <= 5)
60 + return v + 10;
61 + return ~0;
62 +/* For testing:
63 +void t(char c) { printf("'%c'(%u) %u\n", c, c, hex_to_bin(c)); }
64 +int main() { t(0x10); t(0x20); t('0'); t('9'); t('A'); t('F'); t('a'); t('f');
65 +t('0'-1); t('9'+1); t('A'-1); t('F'+1); t('a'-1); t('f'+1); return 0; }
66 +*/
67 +}
68 +
69 +char* FAST_FUNC percent_decode_in_place(char *str, int strict)
70 +{
71 + /* note that decoded string is always shorter than original */
72 + char *src = str;
73 + char *dst = str;
74 + char c;
75 +
76 + while ((c = *src++) != '\0') {
77 + unsigned v;
78 +
79 + if (!strict && c == '+') {
80 + *dst++ = ' ';
81 + continue;
82 + }
83 + if (c != '%') {
84 + *dst++ = c;
85 + continue;
86 + }
87 + v = hex_to_bin(src[0]);
88 + if (v > 15) {
89 + bad_hex:
90 + if (strict)
91 + return NULL;
92 + *dst++ = '%';
93 + continue;
94 + }
95 + v = (v * 16) | hex_to_bin(src[1]);
96 + if (v > 255)
97 + goto bad_hex;
98 + if (strict && (v == '/' || v == '\0')) {
99 + /* caller takes it as indication of invalid
100 + * (dangerous wrt exploits) chars */
101 + return str + 1;
102 + }
103 + *dst++ = v;
104 + src += 2;
105 + }
106 + *dst = '\0';
107 + return str;
108 +}
109 --- a/networking/httpd.c
110 +++ b/networking/httpd.c
111 @@ -820,78 +820,6 @@ static char *encodeString(const char *st
112 }
113 #endif
114
115 -/*
116 - * Given a URL encoded string, convert it to plain ascii.
117 - * Since decoding always makes strings smaller, the decode is done in-place.
118 - * Thus, callers should xstrdup() the argument if they do not want the
119 - * argument modified. The return is the original pointer, allowing this
120 - * function to be easily used as arguments to other functions.
121 - *
122 - * string The first string to decode.
123 - * option_d 1 if called for httpd -d
124 - *
125 - * Returns a pointer to the decoded string (same as input).
126 - */
127 -static unsigned hex_to_bin(unsigned char c)
128 -{
129 - unsigned v;
130 -
131 - v = c - '0';
132 - if (v <= 9)
133 - return v;
134 - /* c | 0x20: letters to lower case, non-letters
135 - * to (potentially different) non-letters */
136 - v = (unsigned)(c | 0x20) - 'a';
137 - if (v <= 5)
138 - return v + 10;
139 - return ~0;
140 -/* For testing:
141 -void t(char c) { printf("'%c'(%u) %u\n", c, c, hex_to_bin(c)); }
142 -int main() { t(0x10); t(0x20); t('0'); t('9'); t('A'); t('F'); t('a'); t('f');
143 -t('0'-1); t('9'+1); t('A'-1); t('F'+1); t('a'-1); t('f'+1); return 0; }
144 -*/
145 -}
146 -static char *decodeString(char *orig, int option_d)
147 -{
148 - /* note that decoded string is always shorter than original */
149 - char *string = orig;
150 - char *ptr = string;
151 - char c;
152 -
153 - while ((c = *ptr++) != '\0') {
154 - unsigned v;
155 -
156 - if (option_d && c == '+') {
157 - *string++ = ' ';
158 - continue;
159 - }
160 - if (c != '%') {
161 - *string++ = c;
162 - continue;
163 - }
164 - v = hex_to_bin(ptr[0]);
165 - if (v > 15) {
166 - bad_hex:
167 - if (!option_d)
168 - return NULL;
169 - *string++ = '%';
170 - continue;
171 - }
172 - v = (v * 16) | hex_to_bin(ptr[1]);
173 - if (v > 255)
174 - goto bad_hex;
175 - if (!option_d && (v == '/' || v == '\0')) {
176 - /* caller takes it as indication of invalid
177 - * (dangerous wrt exploits) chars */
178 - return orig + 1;
179 - }
180 - *string++ = v;
181 - ptr += 2;
182 - }
183 - *string = '\0';
184 - return orig;
185 -}
186 -
187 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
188 /*
189 * Decode a base64 data stream as per rfc1521.
190 @@ -1949,7 +1877,7 @@ static void handle_incoming_and_exit(con
191 }
192
193 /* Decode URL escape sequences */
194 - tptr = decodeString(urlcopy, 0);
195 + tptr = percent_decode_in_place(urlcopy, /*strict:*/ 1);
196 if (tptr == NULL)
197 send_headers_and_exit(HTTP_BAD_REQUEST);
198 if (tptr == urlcopy + 1) {
199 @@ -2408,7 +2336,7 @@ int httpd_main(int argc UNUSED_PARAM, ch
200 , &verbose
201 );
202 if (opt & OPT_DECODE_URL) {
203 - fputs(decodeString(url_for_decode, 1), stdout);
204 + fputs(percent_decode_in_place(url_for_decode, /*strict:*/ 0), stdout);
205 return 0;
206 }
207 #if ENABLE_FEATURE_HTTPD_ENCODE_URL_STR
208 --- a/networking/wget.c
209 +++ b/networking/wget.c
210 @@ -298,8 +298,13 @@ static void parse_url(const char *src_ur
211
212 sp = strrchr(h->host, '@');
213 if (sp != NULL) {
214 - h->user = h->host;
215 + // URL-decode "user:password" string before base64-encoding:
216 + // wget http://test:my%20pass@example.com should send
217 + // Authorization: Basic dGVzdDpteSBwYXNz
218 + // which decodes to "test:my pass".
219 + // Standard wget and curl do this too.
220 *sp = '\0';
221 + h->user = percent_decode_in_place(h->host, /*strict:*/ 0);
222 h->host = sp + 1;
223 }
224
225 @@ -661,12 +666,6 @@ static void download_one_url(const char
226
227 #if ENABLE_FEATURE_WGET_AUTHENTICATION
228 if (target.user) {
229 -//TODO: URL-decode "user:password" string before base64-encoding:
230 -//wget http://test:my%20pass@example.com should send
231 -// Authorization: Basic dGVzdDpteSBwYXNz
232 -//which decodes to "test:my pass", instead of what we send now:
233 -// Authorization: Basic dGVzdDpteSUyMHBhc3M=
234 -//Can reuse decodeString() from httpd.c
235 fprintf(sfp, "Proxy-Authorization: Basic %s\r\n"+6,
236 base64enc(target.user));
237 }
OpenWrt SVN history