mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
escape: avoid using curl_easy_unescape() internally
Since the internal Curl_urldecode() function has a better API.
This commit is contained in:
parent
53e71e47d6
commit
46133aa536
@ -193,11 +193,12 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
|
||||
int i;
|
||||
char *actual_path;
|
||||
#endif
|
||||
int real_path_len;
|
||||
size_t real_path_len;
|
||||
|
||||
real_path = curl_easy_unescape(data, data->state.path, 0, &real_path_len);
|
||||
if(!real_path)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
CURLcode result = Curl_urldecode(data, data->state.path, 0, &real_path,
|
||||
&real_path_len, FALSE);
|
||||
if(result)
|
||||
return result;
|
||||
|
||||
#ifdef DOS_FILESYSTEM
|
||||
/* If the first character is a slash, and there's
|
||||
|
60
lib/ftp.c
60
lib/ftp.c
@ -3299,8 +3299,8 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
|
||||
}
|
||||
|
||||
/* get the "raw" path */
|
||||
path = curl_easy_unescape(data, path_to_use, 0, NULL);
|
||||
if(!path) {
|
||||
result = Curl_urldecode(data, path_to_use, 0, &path, NULL, FALSE);
|
||||
if(result) {
|
||||
/* out of memory, but we can limp along anyway (and should try to
|
||||
* since we may already be in the out of memory cleanup path) */
|
||||
if(!result)
|
||||
@ -4287,6 +4287,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
|
||||
slash_pos=strrchr(cur_pos, '/');
|
||||
if(slash_pos || !*cur_pos) {
|
||||
size_t dirlen = slash_pos-cur_pos;
|
||||
CURLcode result;
|
||||
|
||||
ftpc->dirs = calloc(1, sizeof(ftpc->dirs[0]));
|
||||
if(!ftpc->dirs)
|
||||
@ -4295,12 +4296,13 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
|
||||
if(!dirlen)
|
||||
dirlen++;
|
||||
|
||||
ftpc->dirs[0] = curl_easy_unescape(conn->data, slash_pos ? cur_pos : "/",
|
||||
slash_pos ? curlx_uztosi(dirlen) : 1,
|
||||
NULL);
|
||||
if(!ftpc->dirs[0]) {
|
||||
result = Curl_urldecode(conn->data, slash_pos ? cur_pos : "/",
|
||||
slash_pos ? dirlen : 1,
|
||||
&ftpc->dirs[0], NULL,
|
||||
FALSE);
|
||||
if(result) {
|
||||
freedirs(ftpc);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
return result;
|
||||
}
|
||||
ftpc->dirdepth = 1; /* we consider it to be a single dir */
|
||||
filename = slash_pos ? slash_pos+1 : cur_pos; /* rest is file name */
|
||||
@ -4335,18 +4337,15 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
|
||||
/* we skip empty path components, like "x//y" since the FTP command
|
||||
CWD requires a parameter and a non-existent parameter a) doesn't
|
||||
work on many servers and b) has no effect on the others. */
|
||||
int len = curlx_sztosi(slash_pos - cur_pos + absolute_dir);
|
||||
ftpc->dirs[ftpc->dirdepth] =
|
||||
curl_easy_unescape(conn->data, cur_pos - absolute_dir, len, NULL);
|
||||
if(!ftpc->dirs[ftpc->dirdepth]) { /* run out of memory ... */
|
||||
failf(data, "no memory");
|
||||
freedirs(ftpc);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
if(isBadFtpString(ftpc->dirs[ftpc->dirdepth])) {
|
||||
size_t len = slash_pos - cur_pos + absolute_dir;
|
||||
CURLcode result =
|
||||
Curl_urldecode(conn->data, cur_pos - absolute_dir, len,
|
||||
&ftpc->dirs[ftpc->dirdepth], NULL,
|
||||
TRUE);
|
||||
if(result) {
|
||||
free(ftpc->dirs[ftpc->dirdepth]);
|
||||
freedirs(ftpc);
|
||||
return CURLE_URL_MALFORMAT;
|
||||
return result;
|
||||
}
|
||||
}
|
||||
else {
|
||||
@ -4382,15 +4381,12 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
|
||||
} /* switch */
|
||||
|
||||
if(filename && *filename) {
|
||||
ftpc->file = curl_easy_unescape(conn->data, filename, 0, NULL);
|
||||
if(NULL == ftpc->file) {
|
||||
CURLcode result =
|
||||
Curl_urldecode(conn->data, filename, 0, &ftpc->file, NULL, TRUE);
|
||||
|
||||
if(result) {
|
||||
freedirs(ftpc);
|
||||
failf(data, "no memory");
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
if(isBadFtpString(ftpc->file)) {
|
||||
freedirs(ftpc);
|
||||
return CURLE_URL_MALFORMAT;
|
||||
return result;
|
||||
}
|
||||
}
|
||||
else
|
||||
@ -4408,15 +4404,17 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
|
||||
if(ftpc->prevpath) {
|
||||
/* prevpath is "raw" so we convert the input path before we compare the
|
||||
strings */
|
||||
int dlen;
|
||||
char *path = curl_easy_unescape(conn->data, data->state.path, 0, &dlen);
|
||||
if(!path) {
|
||||
size_t dlen;
|
||||
char *path;
|
||||
CURLcode result =
|
||||
Curl_urldecode(conn->data, data->state.path, 0, &path, &dlen, FALSE);
|
||||
if(result) {
|
||||
freedirs(ftpc);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
return result;
|
||||
}
|
||||
|
||||
dlen -= ftpc->file?curlx_uztosi(strlen(ftpc->file)):0;
|
||||
if((dlen == curlx_uztosi(strlen(ftpc->prevpath))) &&
|
||||
dlen -= ftpc->file?strlen(ftpc->file):0;
|
||||
if((dlen == strlen(ftpc->prevpath)) &&
|
||||
strnequal(path, ftpc->prevpath, dlen)) {
|
||||
infof(data, "Request has same path as previous transfer\n");
|
||||
ftpc->cwddone = TRUE;
|
||||
|
@ -35,6 +35,7 @@
|
||||
#include "rawstr.h"
|
||||
#include "select.h"
|
||||
#include "url.h"
|
||||
#include "escape.h"
|
||||
#include "warnless.h"
|
||||
#include "curl_memory.h"
|
||||
/* The last #include file should be: */
|
||||
@ -83,7 +84,7 @@ static CURLcode gopher_do(struct connectdata *conn, bool *done)
|
||||
char *sel;
|
||||
char *sel_org = NULL;
|
||||
ssize_t amount, k;
|
||||
int len;
|
||||
size_t len;
|
||||
|
||||
*done = TRUE; /* unconditionally */
|
||||
|
||||
@ -107,7 +108,7 @@ static CURLcode gopher_do(struct connectdata *conn, bool *done)
|
||||
newp[i] = '\x09';
|
||||
|
||||
/* ... and finally unescape */
|
||||
sel = curl_easy_unescape(data, newp, 0, &len);
|
||||
result = Curl_urldecode(data, newp, 0, &sel, &len, FALSE);
|
||||
if(!sel)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
sel_org = sel;
|
||||
|
16
lib/ldap.c
16
lib/ldap.c
@ -798,12 +798,13 @@ static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
|
||||
if(*p) {
|
||||
char *dn = p;
|
||||
char *unescaped;
|
||||
CURLcode result;
|
||||
|
||||
LDAP_TRACE (("DN '%s'\n", dn));
|
||||
|
||||
/* Unescape the DN */
|
||||
unescaped = curl_easy_unescape(conn->data, dn, 0, NULL);
|
||||
if(!unescaped) {
|
||||
result = Curl_urldecode(conn->data, dn, 0, &unescaped, NULL, FALSE);
|
||||
if(result) {
|
||||
rc = LDAP_NO_MEMORY;
|
||||
|
||||
goto quit;
|
||||
@ -862,12 +863,14 @@ static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
|
||||
|
||||
for(i = 0; i < count; i++) {
|
||||
char *unescaped;
|
||||
CURLcode result;
|
||||
|
||||
LDAP_TRACE (("attr[%d] '%s'\n", i, attributes[i]));
|
||||
|
||||
/* Unescape the attribute */
|
||||
unescaped = curl_easy_unescape(conn->data, attributes[i], 0, NULL);
|
||||
if(!unescaped) {
|
||||
result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL,
|
||||
FALSE);
|
||||
if(result) {
|
||||
free(attributes);
|
||||
|
||||
rc = LDAP_NO_MEMORY;
|
||||
@ -930,12 +933,13 @@ static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
|
||||
if(*p) {
|
||||
char *filter = p;
|
||||
char *unescaped;
|
||||
CURLcode result;
|
||||
|
||||
LDAP_TRACE (("filter '%s'\n", filter));
|
||||
|
||||
/* Unescape the filter */
|
||||
unescaped = curl_easy_unescape(conn->data, filter, 0, NULL);
|
||||
if(!unescaped) {
|
||||
result = Curl_urldecode(conn->data, filter, 0, &unescaped, NULL, FALSE);
|
||||
if(result) {
|
||||
rc = LDAP_NO_MEMORY;
|
||||
|
||||
goto quit;
|
||||
|
12
lib/ssh.c
12
lib/ssh.c
@ -416,12 +416,12 @@ static CURLcode ssh_getworkingpath(struct connectdata *conn,
|
||||
struct Curl_easy *data = conn->data;
|
||||
char *real_path = NULL;
|
||||
char *working_path;
|
||||
int working_path_len;
|
||||
|
||||
working_path = curl_easy_unescape(data, data->state.path, 0,
|
||||
&working_path_len);
|
||||
if(!working_path)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
size_t working_path_len;
|
||||
CURLcode result =
|
||||
Curl_urldecode(data, data->state.path, 0, &working_path,
|
||||
&working_path_len, FALSE);
|
||||
if(result)
|
||||
return result;
|
||||
|
||||
/* Check for /~/, indicating relative to the user's home directory */
|
||||
if(conn->handler->protocol & CURLPROTO_SCP) {
|
||||
|
@ -58,6 +58,7 @@
|
||||
#include "rawstr.h"
|
||||
#include "speedcheck.h"
|
||||
#include "select.h"
|
||||
#include "escape.h"
|
||||
|
||||
/* The last 3 #include files should be in this order */
|
||||
#include "curl_printf.h"
|
||||
@ -484,10 +485,10 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
|
||||
/* As RFC3617 describes the separator slash is not actually part of the
|
||||
file name so we skip the always-present first letter of the path
|
||||
string. */
|
||||
filename = curl_easy_unescape(data, &state->conn->data->state.path[1], 0,
|
||||
NULL);
|
||||
if(!filename)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
result = Curl_urldecode(data, &state->conn->data->state.path[1], 0,
|
||||
&filename, NULL, FALSE);
|
||||
if(result)
|
||||
return result;
|
||||
|
||||
snprintf((char *)state->spacket.data+2,
|
||||
state->blksize,
|
||||
|
49
lib/url.c
49
lib/url.c
@ -4691,22 +4691,25 @@ static CURLcode parse_proxy(struct Curl_easy *data,
|
||||
them. */
|
||||
Curl_safefree(conn->proxyuser);
|
||||
if(proxyuser && strlen(proxyuser) < MAX_CURL_USER_LENGTH)
|
||||
conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
|
||||
else
|
||||
result = Curl_urldecode(data, proxyuser, 0, &conn->proxyuser, NULL,
|
||||
FALSE);
|
||||
else {
|
||||
conn->proxyuser = strdup("");
|
||||
|
||||
if(!conn->proxyuser)
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
else {
|
||||
}
|
||||
|
||||
if(!result) {
|
||||
Curl_safefree(conn->proxypasswd);
|
||||
if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
|
||||
conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
|
||||
else
|
||||
result = Curl_urldecode(data, proxypasswd, 0,
|
||||
&conn->proxypasswd, NULL, FALSE);
|
||||
else {
|
||||
conn->proxypasswd = strdup("");
|
||||
|
||||
if(!conn->proxypasswd)
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
}
|
||||
|
||||
if(!result) {
|
||||
conn->bits.proxy_user_passwd = TRUE; /* enable it */
|
||||
@ -4812,6 +4815,7 @@ static CURLcode parse_proxy_auth(struct Curl_easy *data,
|
||||
{
|
||||
char proxyuser[MAX_CURL_USER_LENGTH]="";
|
||||
char proxypasswd[MAX_CURL_PASSWORD_LENGTH]="";
|
||||
CURLcode result;
|
||||
|
||||
if(data->set.str[STRING_PROXYUSERNAME] != NULL) {
|
||||
strncpy(proxyuser, data->set.str[STRING_PROXYUSERNAME],
|
||||
@ -4824,15 +4828,11 @@ static CURLcode parse_proxy_auth(struct Curl_easy *data,
|
||||
proxypasswd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
|
||||
}
|
||||
|
||||
conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
|
||||
if(!conn->proxyuser)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
|
||||
if(!conn->proxypasswd)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
return CURLE_OK;
|
||||
result = Curl_urldecode(data, proxyuser, 0, &conn->proxyuser, NULL, FALSE);
|
||||
if(!result)
|
||||
result = Curl_urldecode(data, proxypasswd, 0, &conn->proxypasswd, NULL,
|
||||
FALSE);
|
||||
return result;
|
||||
}
|
||||
#endif /* CURL_DISABLE_PROXY */
|
||||
|
||||
@ -4906,9 +4906,8 @@ static CURLcode parse_url_login(struct Curl_easy *data,
|
||||
conn->bits.user_passwd = TRUE; /* enable user+password */
|
||||
|
||||
/* Decode the user */
|
||||
newname = curl_easy_unescape(data, userp, 0, NULL);
|
||||
if(!newname) {
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
result = Curl_urldecode(data, userp, 0, &newname, NULL, FALSE);
|
||||
if(result) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -4918,9 +4917,9 @@ static CURLcode parse_url_login(struct Curl_easy *data,
|
||||
|
||||
if(passwdp) {
|
||||
/* We have a password in the URL so decode it */
|
||||
char *newpasswd = curl_easy_unescape(data, passwdp, 0, NULL);
|
||||
if(!newpasswd) {
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
char *newpasswd;
|
||||
result = Curl_urldecode(data, passwdp, 0, &newpasswd, NULL, FALSE);
|
||||
if(result) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -4930,9 +4929,9 @@ static CURLcode parse_url_login(struct Curl_easy *data,
|
||||
|
||||
if(optionsp) {
|
||||
/* We have an options list in the URL so decode it */
|
||||
char *newoptions = curl_easy_unescape(data, optionsp, 0, NULL);
|
||||
if(!newoptions) {
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
char *newoptions;
|
||||
result = Curl_urldecode(data, optionsp, 0, &newoptions, NULL, FALSE);
|
||||
if(result) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user