1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00

parse_proxy: reject illegal port numbers

If the port number in the proxy string ended weirdly or the number is
too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
numerical address is used without enclosing brackets.

Also mention the bracket requirement for IPv6 numerical addresses to the
man page for CURLOPT_PROXY.

Closes #415

Reported-by: Marcel Raad
This commit is contained in:
Daniel Stenberg 2015-09-08 13:42:48 +02:00
parent 27620171ff
commit 87e533ace0
2 changed files with 18 additions and 4 deletions

View File

@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___ .\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____| .\" * \___|\___/|_| \_\_____|
.\" * .\" *
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * .\" *
.\" * This software is licensed as described in the file COPYING, which .\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms .\" * you should have received as part of this distribution. The terms
@ -29,8 +29,8 @@ CURLOPT_PROXY \- set proxy to use
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY, char *proxy); CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY, char *proxy);
.SH DESCRIPTION .SH DESCRIPTION
Set the \fIproxy\fP to use for the upcoming request. The parameter should be a Set the \fIproxy\fP to use for the upcoming request. The parameter should be a
char * to a zero terminated string holding the host name or dotted IP char * to a zero terminated string holding the host name or dotted numerical
address. IP address. A numerical IPv6 address must be written within [brackets].
To specify port number in this string, append :[port] to the end of the host To specify port number in this string, append :[port] to the end of the host
name. The proxy's port number may optionally be specified with the separate name. The proxy's port number may optionally be specified with the separate

View File

@ -4640,10 +4640,24 @@ static CURLcode parse_proxy(struct SessionHandle *data,
/* Get port number off proxy.server.com:1080 */ /* Get port number off proxy.server.com:1080 */
prox_portno = strchr(portptr, ':'); prox_portno = strchr(portptr, ':');
if(prox_portno) { if(prox_portno) {
char *endp = NULL;
long port = 0;
*prox_portno = 0x0; /* cut off number from host name */ *prox_portno = 0x0; /* cut off number from host name */
prox_portno ++; prox_portno ++;
/* now set the local port number */ /* now set the local port number */
conn->port = strtol(prox_portno, NULL, 10); port = strtol(prox_portno, &endp, 10);
if((endp && *endp && (*endp != '/') && (*endp != ' ')) ||
(port >= 65536) ) {
/* meant to detect for example invalid IPv6 numerical addresses without
brackets: "2a00:fac0:a000::7:13". Accept a trailing slash only
because we then allow "URL style" with the number followed by a
slash, used in curl test cases already. Space is also an acceptable
terminating symbol. */
infof(data, "No valid port number in proxy string (%s)\n",
prox_portno);
}
else
conn->port = port;
} }
else { else {
if(proxyptr[0]=='/') if(proxyptr[0]=='/')