1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00

tool_urlglob: Allow a glob range with the same start and stop

For example allow ranges like [1-1] and [a-a] etc.

Regression since 5ca96cb.

Bug: https://github.com/curl/curl/issues/1238
Reported-by: R. Dennis Steed
This commit is contained in:
Jay Satiro 2017-02-15 02:31:09 -05:00
parent a08db49642
commit 7a9f5748bc
3 changed files with 75 additions and 19 deletions

View File

@ -189,7 +189,7 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
char min_c;
char max_c;
char end_c;
int step=1;
unsigned long step = 1;
pat->type = UPTCharRange;
@ -198,17 +198,12 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
if(rc == 3) {
if(end_c == ':') {
char *endp;
unsigned long lstep;
errno = 0;
lstep = strtoul(&pattern[4], &endp, 10);
step = strtoul(&pattern[4], &endp, 10);
if(errno || &pattern[4] == endp || *endp != ']')
step = -1;
else {
step = 0;
else
pattern = endp+1;
step = (int)lstep;
if(step > (max_c - min_c))
step = -1;
}
}
else if(end_c != ']')
/* then this is wrong */
@ -220,19 +215,21 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
*posp += (pattern - *patternp);
if((rc != 3) || (min_c >= max_c) || ((max_c - min_c) > ('z' - 'a')) ||
(step <= 0) )
if(rc != 3 || !step || step > (unsigned)INT_MAX ||
(min_c == max_c && step != 1) ||
(min_c != max_c && (min_c > max_c || step > (unsigned)(max_c - min_c) ||
(max_c - min_c) > ('z' - 'a'))))
/* the pattern is not well-formed */
return GLOBERROR("bad range", *posp, CURLE_URL_MALFORMAT);
/* if there was a ":[num]" thing, use that as step or else use 1 */
pat->content.CharRange.step = step;
pat->content.CharRange.step = (int)step;
pat->content.CharRange.ptr_c = pat->content.CharRange.min_c = min_c;
pat->content.CharRange.max_c = max_c;
if(multiply(amount, (pat->content.CharRange.max_c -
if(multiply(amount, ((pat->content.CharRange.max_c -
pat->content.CharRange.min_c) /
pat->content.CharRange.step + 1) )
pat->content.CharRange.step + 1)))
return GLOBERROR("range overflow", *posp, CURLE_URL_MALFORMAT);
}
else if(ISDIGIT(*pattern)) {
@ -293,7 +290,9 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
fail:
*posp += (pattern - *patternp);
if(!endp || (min_n > max_n) || (step_n > (max_n - min_n)) || !step_n)
if(!endp || !step_n ||
(min_n == max_n && step_n != 1) ||
(min_n != max_n && (min_n > max_n || step_n > (max_n - min_n))))
/* the pattern is not well-formed */
return GLOBERROR("bad range", *posp, CURLE_URL_MALFORMAT);
@ -303,9 +302,9 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
pat->content.NumRange.max_n = max_n;
pat->content.NumRange.step = step_n;
if(multiply(amount, (pat->content.NumRange.max_n -
pat->content.NumRange.min_n) /
pat->content.NumRange.step + 1) )
if(multiply(amount, ((pat->content.NumRange.max_n -
pat->content.NumRange.min_n) /
pat->content.NumRange.step + 1)))
return GLOBERROR("range overflow", *posp, CURLE_URL_MALFORMAT);
}
else

View File

@ -130,7 +130,7 @@ test1236 test1237 test1238 test1239 test1240 test1241 test1242 test1243 \
test1244 test1245 test1246 test1247 test1248 test1249 test1250 test1251 \
test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 \
\
test1280 test1281 test1282 \
test1280 test1281 test1282 test1283 \
\
test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \
test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \

57
tests/data/test1283 Normal file
View File

@ -0,0 +1,57 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
globbing
[] range
</keywords>
</info>
#
# Server-side
<reply>
<data nocheck="yes">
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Length: 6
Connection: close
bytes
</data>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
globbing range with same start and stop
</name>
<command option="no-output">
http://%HOSTIP:%HTTPPORT/[a-a][1-1][b-b:1][2-2:1]/1283 -o "log/outfile1283_#1#2#3#4.dump"
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /a1b2/1283 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
<file name="log/outfile1283_a1b2.dump">
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Length: 6
Connection: close
bytes
</file>
</verify>
</testcase>