|
|
07d9f9 |
From 0da3d2768c544cc3c1146b00b9f1481c32010c91 Mon Sep 17 00:00:00 2001
|
|
|
07d9f9 |
From: Pavel Grunt <pgrunt@redhat.com>
|
|
|
07d9f9 |
Date: Wed, 1 Jun 2016 10:04:48 +0200
|
|
|
07d9f9 |
Subject: [PATCH 12/15] spice-uri: Validate uri scheme
|
|
|
07d9f9 |
|
|
|
07d9f9 |
Related: rhbz#1335239
|
|
|
07d9f9 |
|
|
|
07d9f9 |
Acked-by: Victor Toso <victortoso@redhat.com>
|
|
|
07d9f9 |
(cherry picked from commit 8dcb4129acde2aed353cd66e28678408e7d1257c)
|
|
|
07d9f9 |
---
|
|
|
07d9f9 |
src/spice-uri.c | 26 ++++++++++++++++----------
|
|
|
07d9f9 |
tests/uri.c | 2 ++
|
|
|
07d9f9 |
2 files changed, 18 insertions(+), 10 deletions(-)
|
|
|
07d9f9 |
|
|
|
07d9f9 |
diff --git a/src/spice-uri.c b/src/spice-uri.c
|
|
|
07d9f9 |
index 51a6d34..c452db3 100644
|
|
|
07d9f9 |
--- a/src/spice-uri.c
|
|
|
07d9f9 |
+++ b/src/spice-uri.c
|
|
|
07d9f9 |
@@ -80,7 +80,9 @@ static void spice_uri_reset(SpiceURI *self)
|
|
|
07d9f9 |
G_GNUC_INTERNAL
|
|
|
07d9f9 |
gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
|
|
|
07d9f9 |
{
|
|
|
07d9f9 |
- gchar *dup, *uri;
|
|
|
07d9f9 |
+ gchar *dup, *uri, **uriv = NULL;
|
|
|
07d9f9 |
+ const gchar *uri_port = NULL;
|
|
|
07d9f9 |
+ char *uri_scheme = NULL;
|
|
|
07d9f9 |
gboolean success = FALSE;
|
|
|
07d9f9 |
size_t len;
|
|
|
07d9f9 |
|
|
|
07d9f9 |
@@ -93,17 +95,21 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
|
|
|
07d9f9 |
uri = dup = g_strdup(_uri);
|
|
|
07d9f9 |
/* FIXME: use GUri when it is ready... only support http atm */
|
|
|
07d9f9 |
/* the code is voluntarily not parsing thoroughly the uri */
|
|
|
07d9f9 |
- if (g_ascii_strncasecmp("http://", uri, 7) == 0) {
|
|
|
07d9f9 |
- uri += 7;
|
|
|
07d9f9 |
+ uri_scheme = g_uri_parse_scheme(uri);
|
|
|
07d9f9 |
+ if (uri_scheme == NULL) {
|
|
|
07d9f9 |
spice_uri_set_scheme(self, "http");
|
|
|
07d9f9 |
+ } else {
|
|
|
07d9f9 |
+ spice_uri_set_scheme(self, uri_scheme);
|
|
|
07d9f9 |
+ uri += strlen(uri_scheme) + 3; /* scheme + "://" */
|
|
|
07d9f9 |
+ }
|
|
|
07d9f9 |
+ if (g_ascii_strcasecmp(spice_uri_get_scheme(self), "http") == 0) {
|
|
|
07d9f9 |
spice_uri_set_port(self, 3128);
|
|
|
07d9f9 |
- } else if (g_ascii_strncasecmp("https://", uri, 8) == 0) {
|
|
|
07d9f9 |
- uri += 8;
|
|
|
07d9f9 |
- spice_uri_set_scheme(self, "https");
|
|
|
07d9f9 |
+ } else if (g_ascii_strcasecmp(spice_uri_get_scheme(self), "https") == 0) {
|
|
|
07d9f9 |
spice_uri_set_port(self, 3129);
|
|
|
07d9f9 |
} else {
|
|
|
07d9f9 |
- spice_uri_set_scheme(self, "http");
|
|
|
07d9f9 |
- spice_uri_set_port(self, 3128);
|
|
|
07d9f9 |
+ g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED,
|
|
|
07d9f9 |
+ "Invalid uri scheme for proxy: %s", spice_uri_get_scheme(self));
|
|
|
07d9f9 |
+ goto end;
|
|
|
07d9f9 |
}
|
|
|
07d9f9 |
/* remove trailing slash */
|
|
|
07d9f9 |
len = strlen(uri);
|
|
|
07d9f9 |
@@ -127,8 +133,7 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
|
|
|
07d9f9 |
}
|
|
|
07d9f9 |
|
|
|
07d9f9 |
/* max 2 parts, host:port */
|
|
|
07d9f9 |
- gchar **uriv = g_strsplit(uri, ":", 2);
|
|
|
07d9f9 |
- const gchar *uri_port = NULL;
|
|
|
07d9f9 |
+ uriv = g_strsplit(uri, ":", 2);
|
|
|
07d9f9 |
|
|
|
07d9f9 |
if (uriv[0] == NULL || strlen(uriv[0]) == 0) {
|
|
|
07d9f9 |
g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED,
|
|
|
07d9f9 |
@@ -161,6 +166,7 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
|
|
|
07d9f9 |
success = TRUE;
|
|
|
07d9f9 |
|
|
|
07d9f9 |
end:
|
|
|
07d9f9 |
+ free(uri_scheme);
|
|
|
07d9f9 |
g_free(dup);
|
|
|
07d9f9 |
g_strfreev(uriv);
|
|
|
07d9f9 |
return success;
|
|
|
07d9f9 |
diff --git a/tests/uri.c b/tests/uri.c
|
|
|
07d9f9 |
index 34569ec..80b00f4 100644
|
|
|
07d9f9 |
--- a/tests/uri.c
|
|
|
07d9f9 |
+++ b/tests/uri.c
|
|
|
07d9f9 |
@@ -79,6 +79,8 @@ static void test_spice_uri_ipv4_bad(void)
|
|
|
07d9f9 |
{"http://127.0.0.1:-80", "http", "127.0.0.1", 3128, NULL, NULL, "Port out of range"},
|
|
|
07d9f9 |
{"http://127.0.0.1:4294967396", "http", "127.0.0.1", 3128, NULL, NULL, "Port out of range"},
|
|
|
07d9f9 |
{"http://127.0.0.1:12345678901234", "http", "127.0.0.1", 3128, NULL, NULL, "Port out of range"},
|
|
|
07d9f9 |
+ {"scheme://192.168.1.1:3128", "http", "127.0.0.1", 3128, NULL, NULL,
|
|
|
07d9f9 |
+ "Invalid uri scheme for proxy: scheme"},
|
|
|
07d9f9 |
};
|
|
|
07d9f9 |
|
|
|
07d9f9 |
test_spice_uri_bad(invalid_test_cases, G_N_ELEMENTS(invalid_test_cases));
|
|
|
07d9f9 |
--
|
|
|
07d9f9 |
2.5.5
|
|
|
07d9f9 |
|