1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00

escape: avoid using curl_easy_unescape() internally

Since the internal Curl_urldecode() function has a better API.
This commit is contained in:
Daniel Stenberg 2016-10-08 11:21:38 +02:00
parent 53e71e47d6
commit 46133aa536
7 changed files with 91 additions and 87 deletions

View File

@ -193,11 +193,12 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
int i;
char *actual_path;
#endif
int real_path_len;
size_t real_path_len;
real_path = curl_easy_unescape(data, data->state.path, 0, &real_path_len);
if(!real_path)
return CURLE_OUT_OF_MEMORY;
CURLcode result = Curl_urldecode(data, data->state.path, 0, &real_path,
&real_path_len, FALSE);
if(result)
return result;
#ifdef DOS_FILESYSTEM
/* If the first character is a slash, and there's

View File

@ -3299,8 +3299,8 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
}
/* get the "raw" path */
path = curl_easy_unescape(data, path_to_use, 0, NULL);
if(!path) {
result = Curl_urldecode(data, path_to_use, 0, &path, NULL, FALSE);
if(result) {
/* out of memory, but we can limp along anyway (and should try to
* since we may already be in the out of memory cleanup path) */
if(!result)
@ -4287,6 +4287,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
slash_pos=strrchr(cur_pos, '/');
if(slash_pos || !*cur_pos) {
size_t dirlen = slash_pos-cur_pos;
CURLcode result;
ftpc->dirs = calloc(1, sizeof(ftpc->dirs[0]));
if(!ftpc->dirs)
@ -4295,12 +4296,13 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
if(!dirlen)
dirlen++;
ftpc->dirs[0] = curl_easy_unescape(conn->data, slash_pos ? cur_pos : "/",
slash_pos ? curlx_uztosi(dirlen) : 1,
NULL);
if(!ftpc->dirs[0]) {
result = Curl_urldecode(conn->data, slash_pos ? cur_pos : "/",
slash_pos ? dirlen : 1,
&ftpc->dirs[0], NULL,
FALSE);
if(result) {
freedirs(ftpc);
return CURLE_OUT_OF_MEMORY;
return result;
}
ftpc->dirdepth = 1; /* we consider it to be a single dir */
filename = slash_pos ? slash_pos+1 : cur_pos; /* rest is file name */
@ -4335,18 +4337,15 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
/* we skip empty path components, like "x//y" since the FTP command
CWD requires a parameter and a non-existent parameter a) doesn't
work on many servers and b) has no effect on the others. */
int len = curlx_sztosi(slash_pos - cur_pos + absolute_dir);
ftpc->dirs[ftpc->dirdepth] =
curl_easy_unescape(conn->data, cur_pos - absolute_dir, len, NULL);
if(!ftpc->dirs[ftpc->dirdepth]) { /* run out of memory ... */
failf(data, "no memory");
freedirs(ftpc);
return CURLE_OUT_OF_MEMORY;
}
if(isBadFtpString(ftpc->dirs[ftpc->dirdepth])) {
size_t len = slash_pos - cur_pos + absolute_dir;
CURLcode result =
Curl_urldecode(conn->data, cur_pos - absolute_dir, len,
&ftpc->dirs[ftpc->dirdepth], NULL,
TRUE);
if(result) {
free(ftpc->dirs[ftpc->dirdepth]);
freedirs(ftpc);
return CURLE_URL_MALFORMAT;
return result;
}
}
else {
@ -4382,15 +4381,12 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
} /* switch */
if(filename && *filename) {
ftpc->file = curl_easy_unescape(conn->data, filename, 0, NULL);
if(NULL == ftpc->file) {
CURLcode result =
Curl_urldecode(conn->data, filename, 0, &ftpc->file, NULL, TRUE);
if(result) {
freedirs(ftpc);
failf(data, "no memory");
return CURLE_OUT_OF_MEMORY;
}
if(isBadFtpString(ftpc->file)) {
freedirs(ftpc);
return CURLE_URL_MALFORMAT;
return result;
}
}
else
@ -4408,15 +4404,17 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
if(ftpc->prevpath) {
/* prevpath is "raw" so we convert the input path before we compare the
strings */
int dlen;
char *path = curl_easy_unescape(conn->data, data->state.path, 0, &dlen);
if(!path) {
size_t dlen;
char *path;
CURLcode result =
Curl_urldecode(conn->data, data->state.path, 0, &path, &dlen, FALSE);
if(result) {
freedirs(ftpc);
return CURLE_OUT_OF_MEMORY;
return result;
}
dlen -= ftpc->file?curlx_uztosi(strlen(ftpc->file)):0;
if((dlen == curlx_uztosi(strlen(ftpc->prevpath))) &&
dlen -= ftpc->file?strlen(ftpc->file):0;
if((dlen == strlen(ftpc->prevpath)) &&
strnequal(path, ftpc->prevpath, dlen)) {
infof(data, "Request has same path as previous transfer\n");
ftpc->cwddone = TRUE;

View File

@ -35,6 +35,7 @@
#include "rawstr.h"
#include "select.h"
#include "url.h"
#include "escape.h"
#include "warnless.h"
#include "curl_memory.h"
/* The last #include file should be: */
@ -83,7 +84,7 @@ static CURLcode gopher_do(struct connectdata *conn, bool *done)
char *sel;
char *sel_org = NULL;
ssize_t amount, k;
int len;
size_t len;
*done = TRUE; /* unconditionally */
@ -107,7 +108,7 @@ static CURLcode gopher_do(struct connectdata *conn, bool *done)
newp[i] = '\x09';
/* ... and finally unescape */
sel = curl_easy_unescape(data, newp, 0, &len);
result = Curl_urldecode(data, newp, 0, &sel, &len, FALSE);
if(!sel)
return CURLE_OUT_OF_MEMORY;
sel_org = sel;

View File

@ -767,7 +767,7 @@ static bool split_str(char *str, char ***out, size_t *count)
*
* Defined in RFC4516 section 2.
*/
static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp)
{
int rc = LDAP_SUCCESS;
char *path;
@ -798,12 +798,13 @@ static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
if(*p) {
char *dn = p;
char *unescaped;
CURLcode result;
LDAP_TRACE (("DN '%s'\n", dn));
/* Unescape the DN */
unescaped = curl_easy_unescape(conn->data, dn, 0, NULL);
if(!unescaped) {
result = Curl_urldecode(conn->data, dn, 0, &unescaped, NULL, FALSE);
if(result) {
rc = LDAP_NO_MEMORY;
goto quit;
@ -862,12 +863,14 @@ static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
for(i = 0; i < count; i++) {
char *unescaped;
CURLcode result;
LDAP_TRACE (("attr[%d] '%s'\n", i, attributes[i]));
/* Unescape the attribute */
unescaped = curl_easy_unescape(conn->data, attributes[i], 0, NULL);
if(!unescaped) {
result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL,
FALSE);
if(result) {
free(attributes);
rc = LDAP_NO_MEMORY;
@ -930,12 +933,13 @@ static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
if(*p) {
char *filter = p;
char *unescaped;
CURLcode result;
LDAP_TRACE (("filter '%s'\n", filter));
/* Unescape the filter */
unescaped = curl_easy_unescape(conn->data, filter, 0, NULL);
if(!unescaped) {
result = Curl_urldecode(conn->data, filter, 0, &unescaped, NULL, FALSE);
if(result) {
rc = LDAP_NO_MEMORY;
goto quit;
@ -971,8 +975,8 @@ quit:
return rc;
}
static int _ldap_url_parse (const struct connectdata *conn,
LDAPURLDesc **ludpp)
static int _ldap_url_parse(const struct connectdata *conn,
LDAPURLDesc **ludpp)
{
LDAPURLDesc *ludp = calloc(1, sizeof(*ludp));
int rc;
@ -981,7 +985,7 @@ static int _ldap_url_parse (const struct connectdata *conn,
if(!ludp)
return LDAP_NO_MEMORY;
rc = _ldap_url_parse2 (conn, ludp);
rc = _ldap_url_parse2(conn, ludp);
if(rc != LDAP_SUCCESS) {
_ldap_free_urldesc(ludp);
ludp = NULL;
@ -990,7 +994,7 @@ static int _ldap_url_parse (const struct connectdata *conn,
return (rc);
}
static void _ldap_free_urldesc (LDAPURLDesc *ludp)
static void _ldap_free_urldesc(LDAPURLDesc *ludp)
{
size_t i;

View File

@ -416,12 +416,12 @@ static CURLcode ssh_getworkingpath(struct connectdata *conn,
struct Curl_easy *data = conn->data;
char *real_path = NULL;
char *working_path;
int working_path_len;
working_path = curl_easy_unescape(data, data->state.path, 0,
&working_path_len);
if(!working_path)
return CURLE_OUT_OF_MEMORY;
size_t working_path_len;
CURLcode result =
Curl_urldecode(data, data->state.path, 0, &working_path,
&working_path_len, FALSE);
if(result)
return result;
/* Check for /~/, indicating relative to the user's home directory */
if(conn->handler->protocol & CURLPROTO_SCP) {

View File

@ -58,6 +58,7 @@
#include "rawstr.h"
#include "speedcheck.h"
#include "select.h"
#include "escape.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@ -484,10 +485,10 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
/* As RFC3617 describes the separator slash is not actually part of the
file name so we skip the always-present first letter of the path
string. */
filename = curl_easy_unescape(data, &state->conn->data->state.path[1], 0,
NULL);
if(!filename)
return CURLE_OUT_OF_MEMORY;
result = Curl_urldecode(data, &state->conn->data->state.path[1], 0,
&filename, NULL, FALSE);
if(result)
return result;
snprintf((char *)state->spacket.data+2,
state->blksize,

View File

@ -4691,21 +4691,24 @@ static CURLcode parse_proxy(struct Curl_easy *data,
them. */
Curl_safefree(conn->proxyuser);
if(proxyuser && strlen(proxyuser) < MAX_CURL_USER_LENGTH)
conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
else
conn->proxyuser = strdup("");
if(!conn->proxyuser)
result = CURLE_OUT_OF_MEMORY;
result = Curl_urldecode(data, proxyuser, 0, &conn->proxyuser, NULL,
FALSE);
else {
conn->proxyuser = strdup("");
if(!conn->proxyuser)
result = CURLE_OUT_OF_MEMORY;
}
if(!result) {
Curl_safefree(conn->proxypasswd);
if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
else
result = Curl_urldecode(data, proxypasswd, 0,
&conn->proxypasswd, NULL, FALSE);
else {
conn->proxypasswd = strdup("");
if(!conn->proxypasswd)
result = CURLE_OUT_OF_MEMORY;
if(!conn->proxypasswd)
result = CURLE_OUT_OF_MEMORY;
}
}
if(!result) {
@ -4812,6 +4815,7 @@ static CURLcode parse_proxy_auth(struct Curl_easy *data,
{
char proxyuser[MAX_CURL_USER_LENGTH]="";
char proxypasswd[MAX_CURL_PASSWORD_LENGTH]="";
CURLcode result;
if(data->set.str[STRING_PROXYUSERNAME] != NULL) {
strncpy(proxyuser, data->set.str[STRING_PROXYUSERNAME],
@ -4824,15 +4828,11 @@ static CURLcode parse_proxy_auth(struct Curl_easy *data,
proxypasswd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
}
conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
if(!conn->proxyuser)
return CURLE_OUT_OF_MEMORY;
conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
if(!conn->proxypasswd)
return CURLE_OUT_OF_MEMORY;
return CURLE_OK;
result = Curl_urldecode(data, proxyuser, 0, &conn->proxyuser, NULL, FALSE);
if(!result)
result = Curl_urldecode(data, proxypasswd, 0, &conn->proxypasswd, NULL,
FALSE);
return result;
}
#endif /* CURL_DISABLE_PROXY */
@ -4906,9 +4906,8 @@ static CURLcode parse_url_login(struct Curl_easy *data,
conn->bits.user_passwd = TRUE; /* enable user+password */
/* Decode the user */
newname = curl_easy_unescape(data, userp, 0, NULL);
if(!newname) {
result = CURLE_OUT_OF_MEMORY;
result = Curl_urldecode(data, userp, 0, &newname, NULL, FALSE);
if(result) {
goto out;
}
@ -4918,9 +4917,9 @@ static CURLcode parse_url_login(struct Curl_easy *data,
if(passwdp) {
/* We have a password in the URL so decode it */
char *newpasswd = curl_easy_unescape(data, passwdp, 0, NULL);
if(!newpasswd) {
result = CURLE_OUT_OF_MEMORY;
char *newpasswd;
result = Curl_urldecode(data, passwdp, 0, &newpasswd, NULL, FALSE);
if(result) {
goto out;
}
@ -4930,9 +4929,9 @@ static CURLcode parse_url_login(struct Curl_easy *data,
if(optionsp) {
/* We have an options list in the URL so decode it */
char *newoptions = curl_easy_unescape(data, optionsp, 0, NULL);
if(!newoptions) {
result = CURLE_OUT_OF_MEMORY;
char *newoptions;
result = Curl_urldecode(data, optionsp, 0, &newoptions, NULL, FALSE);
if(result) {
goto out;
}