parse_proxy: bail out on zero-length proxy names!

The proxy parser function strips off trailing slashes off the proxy name which could lead to a mistaken zero length proxy name which would be treated as no proxy at all by subsequent functions! This is now detected and an error is returned. Verified by the new test 1329. Reported by: Chandrakant Bagul Bug: http://curl.haxx.se/mail/lib-2012-02/0000.html
2012-02-10 16:26:20 +01:00 · 2012-02-10 16:26:20 +01:00 · ecc93caaeb
parent ebf3138992
commit ecc93caaeb
3 changed files with 41 additions and 2 deletions
--- a/lib/url.c
+++ b/lib/url.c
@ -4271,11 +4271,20 @@ static CURLcode parse_proxy(struct SessionHandle *data,
    conn->port = strtol(prox_portno, NULL, 10);
  }
  else {
+    if(proxyptr[0]=='/') {
+      /* If the first character in the proxy string is a slash, fail
+         immediately. The following code will otherwise clear the string which
+         will lead to code running as if no proxy was set! */
+      free(proxy); /* free the former proxy string */
+      return CURLE_COULDNT_RESOLVE_PROXY;
+    }
+
    /* without a port number after the host name, some people seem to use
       a slash so we strip everything from the first slash */
    atsign = strchr(proxyptr, '/');
-    if(atsign)
+    if(atsign) {
      *atsign = 0x0; /* cut off path part from host name */
+    }

    if(data->set.proxyport)
      /* None given in the proxy string, then get the default one if it is
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@ -82,7 +82,7 @@ test1220 \
 test1300 test1301 test1302 test1303 test1304 test1305	\
 test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \
 test1314 test1315 test1316 test1317 test1318 test1319 test1320 test1321 \
-test1322 test1323 test1324 test1325 test1326 test1327 test1328 \
+test1322 test1323 test1324 test1325 test1326 test1327 test1328 test1329 \
 test2000 test2001 test2002 test2003 test2004

 EXTRA_DIST = $(TESTCASES) DISABLED
--- a/tests/data/test1329
+++ b/tests/data/test1329
@ -0,0 +1,30 @@
+<testcase>
+<info>
+<keywords>
+HTTP proxy
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+/-prefixed proxy name
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/we/want/that/page/1329 -x "/server"
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+# 5 == CURLE_COULDNT_RESOLVE_PROXY
+<errorcode>
+5
+</errorcode>
+</verify>
+</testcase>