mirror of
https://github.com/moparisthebest/wget
synced 2024-07-03 16:38:41 -04:00
Fix HSTS memory issue + test code issue
* src/hsts.c (hsts_find_entry): Fix freeing memory (hsts_remove_entry): Remove freeing host member (hsts_match): Free host member here (hsts_store_entry): Free host member here (test_url_rewrite): Fix 'created' value (test_hsts_read_database): Fix 'created' value Reported-by: Dagobert Michelsen <dam@opencsw.org>
This commit is contained in:
parent
76da642aaf
commit
99aa7b4f5e
25
src/hsts.c
25
src/hsts.c
@ -148,13 +148,14 @@ hsts_find_entry (hsts_store_t store,
|
|||||||
end:
|
end:
|
||||||
/* restore pointer or we'll get a SEGV */
|
/* restore pointer or we'll get a SEGV */
|
||||||
k->host = org_ptr;
|
k->host = org_ptr;
|
||||||
xfree (k->host);
|
|
||||||
|
|
||||||
/* copy parameters to previous frame */
|
/* copy parameters to previous frame */
|
||||||
if (match_type)
|
if (match_type)
|
||||||
*match_type = match;
|
*match_type = match;
|
||||||
if (kh)
|
if (kh)
|
||||||
memcpy (kh, k, sizeof (struct hsts_kh));
|
memcpy (kh, k, sizeof (struct hsts_kh));
|
||||||
|
else
|
||||||
|
xfree (k->host);
|
||||||
|
|
||||||
xfree (k);
|
xfree (k);
|
||||||
return khi;
|
return khi;
|
||||||
@ -236,8 +237,7 @@ hsts_new_entry (hsts_store_t store,
|
|||||||
static void
|
static void
|
||||||
hsts_remove_entry (hsts_store_t store, struct hsts_kh *kh)
|
hsts_remove_entry (hsts_store_t store, struct hsts_kh *kh)
|
||||||
{
|
{
|
||||||
if (hash_table_remove (store->table, kh))
|
hash_table_remove (store->table, kh);
|
||||||
xfree (kh->host);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool
|
static bool
|
||||||
@ -375,9 +375,10 @@ hsts_match (hsts_store_t store, struct url *u)
|
|||||||
else
|
else
|
||||||
hsts_remove_entry (store, kh);
|
hsts_remove_entry (store, kh);
|
||||||
}
|
}
|
||||||
|
xfree (kh->host);
|
||||||
}
|
}
|
||||||
|
|
||||||
xfree(kh);
|
xfree (kh);
|
||||||
|
|
||||||
return url_changed;
|
return url_changed;
|
||||||
}
|
}
|
||||||
@ -451,9 +452,10 @@ hsts_store_entry (hsts_store_t store,
|
|||||||
result = hsts_add_entry (store, host, port, max_age, include_subdomains);
|
result = hsts_add_entry (store, host, port, max_age, include_subdomains);
|
||||||
}
|
}
|
||||||
/* we ignore new entries with max_age == 0 */
|
/* we ignore new entries with max_age == 0 */
|
||||||
|
xfree (kh->host);
|
||||||
}
|
}
|
||||||
|
|
||||||
xfree(kh);
|
xfree (kh);
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
@ -613,7 +615,7 @@ test_url_rewrite (hsts_store_t s, const char *url, int port, bool rewrite)
|
|||||||
if (rewrite)
|
if (rewrite)
|
||||||
{
|
{
|
||||||
if (port == 80)
|
if (port == 80)
|
||||||
mu_assert("URL: port should've been rewritten to 443", u.port == 443);
|
mu_assert("URL: port should've been rewritten to 443", u.port == 443);
|
||||||
else
|
else
|
||||||
mu_assert("URL: port should've been left intact", u.port == port);
|
mu_assert("URL: port should've been left intact", u.port == port);
|
||||||
mu_assert("URL: scheme should've been rewritten to HTTPS", u.scheme == SCHEME_HTTPS);
|
mu_assert("URL: scheme should've been rewritten to HTTPS", u.scheme == SCHEME_HTTPS);
|
||||||
@ -686,7 +688,7 @@ test_hsts_url_rewrite_superdomain (void)
|
|||||||
s = open_hsts_test_store ();
|
s = open_hsts_test_store ();
|
||||||
mu_assert("Could not open the HSTS store", s != NULL);
|
mu_assert("Could not open the HSTS store", s != NULL);
|
||||||
|
|
||||||
created = hsts_store_entry (s, SCHEME_HTTPS, "www.foo.com", 443, time(NULL) + 1234, true);
|
created = hsts_store_entry (s, SCHEME_HTTPS, "www.foo.com", 443, 1234, true);
|
||||||
mu_assert("A new entry should've been created", created == true);
|
mu_assert("A new entry should've been created", created == true);
|
||||||
|
|
||||||
TEST_URL_RW (s, "www.foo.com", 80);
|
TEST_URL_RW (s, "www.foo.com", 80);
|
||||||
@ -707,7 +709,7 @@ test_hsts_url_rewrite_congruent (void)
|
|||||||
s = open_hsts_test_store ();
|
s = open_hsts_test_store ();
|
||||||
mu_assert("Could not open the HSTS store", s != NULL);
|
mu_assert("Could not open the HSTS store", s != NULL);
|
||||||
|
|
||||||
created = hsts_store_entry (s, SCHEME_HTTPS, "foo.com", 443, time(NULL) + 1234, false);
|
created = hsts_store_entry (s, SCHEME_HTTPS, "foo.com", 443, 1234, false);
|
||||||
mu_assert("A new entry should've been created", created == true);
|
mu_assert("A new entry should've been created", created == true);
|
||||||
|
|
||||||
TEST_URL_RW (s, "foo.com", 80);
|
TEST_URL_RW (s, "foo.com", 80);
|
||||||
@ -726,6 +728,7 @@ test_hsts_read_database (void)
|
|||||||
char *home = home_dir();
|
char *home = home_dir();
|
||||||
char *file = NULL;
|
char *file = NULL;
|
||||||
FILE *fp = NULL;
|
FILE *fp = NULL;
|
||||||
|
time_t created = time(NULL) - 10;
|
||||||
|
|
||||||
if (home)
|
if (home)
|
||||||
{
|
{
|
||||||
@ -734,9 +737,9 @@ test_hsts_read_database (void)
|
|||||||
if (fp)
|
if (fp)
|
||||||
{
|
{
|
||||||
fputs ("# dummy comment\n", fp);
|
fputs ("# dummy comment\n", fp);
|
||||||
fputs ("foo.example.com\t0\t1\t1434224817\t123123123\n", fp);
|
fprintf (fp, "foo.example.com\t0\t1\t%ld\t123\n",(long) created);
|
||||||
fputs ("bar.example.com\t0\t0\t1434224817\t456456456\n", fp);
|
fprintf (fp, "bar.example.com\t0\t0\t%ld\t456\n", (long) created);
|
||||||
fputs ("test.example.com\t8080\t0\t1434224817\t789789789\n", fp);
|
fprintf (fp, "test.example.com\t8080\t0\t%ld\t789\n", (long) created);
|
||||||
fclose (fp);
|
fclose (fp);
|
||||||
|
|
||||||
table = hsts_store_open (file);
|
table = hsts_store_open (file);
|
||||||
|
Loading…
Reference in New Issue
Block a user