From 0da3d2768c544cc3c1146b00b9f1481c32010c91 Mon Sep 17 00:00:00 2001
From: Pavel Grunt
Date: Wed, 1 Jun 2016 10:04:48 +0200
Subject: [PATCH 12/15] spice-uri: Validate uri scheme

Related: rhbz#1335239
Acked-by: Victor Toso
(cherry picked from commit 8dcb4129acde2aed353cd66e28678408e7d1257c)
---
 src/spice-uri.c | 26 ++++++++++++++++----------
 tests/uri.c | 2 ++
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/src/spice-uri.c b/src/spice-uri.c
index 51a6d34..c452db3 100644
--- a/src/spice-uri.c
+++ b/src/spice-uri.c
@@ -80,7 +80,9 @@ static void spice_uri_reset(SpiceURI *self)
 G_GNUC_INTERNAL
 gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
 {
- gchar *dup, *uri;
+ gchar *dup, *uri, **uriv = NULL;
+ const gchar *uri_port = NULL;
+ char *uri_scheme = NULL;
 gboolean success = FALSE;
 size_t len;
@@ -93,17 +95,21 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
 uri = dup = g_strdup(_uri);
 /* FIXME: use GUri when it is ready... only support http atm */
 /* the code is voluntarily not parsing thoroughly the uri */
- if (g_ascii_strncasecmp("http://", uri, 7) == 0) {
- uri += 7;
+ uri_scheme = g_uri_parse_scheme(uri);
+ if (uri_scheme == NULL) {
 spice_uri_set_scheme(self, "http");
+ } else {
+ spice_uri_set_scheme(self, uri_scheme);
+ uri += strlen(uri_scheme) + 3; /* scheme + "://" */
+ }
+ if (g_ascii_strcasecmp(spice_uri_get_scheme(self), "http") == 0) {
 spice_uri_set_port(self, 3128);
- } else if (g_ascii_strncasecmp("https://", uri, 8) == 0) {
- uri += 8;
- spice_uri_set_scheme(self, "https");
+ } else if (g_ascii_strcasecmp(spice_uri_get_scheme(self), "https") == 0) {
 spice_uri_set_port(self, 3129);
 } else {
- spice_uri_set_scheme(self, "http");
- spice_uri_set_port(self, 3128);
+ g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED,
+ "Invalid uri scheme for proxy: %s", spice_uri_get_scheme(self));
+ goto end;
 }
 /* remove trailing slash */
 len = strlen(uri);
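Review bot: `uri += strlen(uri_scheme) + 3;` skips three bytes after the scheme without checking that they are "://"; g_uri_parse_scheme() only guarantees that a ':' follows the scheme, and the removed `g_ascii_strncasecmp("http://", uri, 7)` tests were what verified the slashes. For a string such as `http:` the scheme passes the http/https comparison, `uri` ends up past the terminator of `dup`, and the `len = strlen(uri)` at the end of this hunk reads outside the allocation. Guard the advance with `if (!g_str_has_prefix(uri + strlen(uri_scheme), "://"))` and take the same `g_set_error(...)` / `goto end` path as the invalid-scheme branch. Because g_uri_parse_scheme() appears to accept any `name:` prefix, a scheme-less `hostname:port` would presumably now be rejected as an invalid scheme where the old fall-through treated it as http; the tests/uri.c hunk has no row for either input. spice_uri_parse() begins and ends outside this hunk.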
@@ -127,8 +133,7 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
 }
 /* max 2 parts, host:port */
- gchar **uriv = g_strsplit(uri, ":", 2);
- const gchar *uri_port = NULL;
+ uriv = g_strsplit(uri, ":", 2);
 if (uriv[0] == NULL || strlen(uriv[0]) == 0) {
 g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED,
@@ -161,6 +166,7 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
 success = TRUE;
 end:
+ free(uri_scheme);
 g_free(dup);
 g_strfreev(uriv);
 return success;
diff --git a/tests/uri.c b/tests/uri.c
index 34569ec..80b00f4 100644
--- a/tests/uri.c
+++ b/tests/uri.c
@@ -79,6 +79,8 @@ static void test_spice_uri_ipv4_bad(void)
 {"http://127.0.0.1:-80", "http", "127.0.0.1", 3128, NULL, NULL, "Port out of range"},
 {"http://127.0.0.1:4294967396", "http", "127.0.0.1", 3128, NULL, NULL, "Port out of range"},
 {"http://127.0.0.1:12345678901234", "http", "127.0.0.1", 3128, NULL, NULL, "Port out of range"},
+ {"scheme://192.168.1.1:3128", "http", "127.0.0.1", 3128, NULL, NULL,
+ "Invalid uri scheme for proxy: scheme"},
 };
 test_spice_uri_bad(invalid_test_cases, G_N_ELEMENTS(invalid_test_cases));
-- 
2.5.5
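Review bot: `free(uri_scheme);` under the `end:` label releases a string allocated by g_uri_parse_scheme(), which GLib documents as released with g_free(); the neighbouring cleanup lines already use `g_free(dup)` and `g_strfreev(uriv)`. Change it to `g_free(uri_scheme);` so the pairing does not rely on g_malloc() and malloc() sharing an allocator. The rest of spice_uri_parse() lies outside this hunk.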
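Review bot: The new row in `invalid_test_cases` lists scheme "http" and host "127.0.0.1" for the input `scheme://192.168.1.1:3128`, which looks copied from the rows above rather than derived from the input. test_spice_uri_bad() is not visible here, so it may compare only the error message, but the mismatched columns will mislead anyone who later extends that helper to check them. Either fill in values that match the input or add a short comment such as `/* only the error string is compared */` if that is the helper's contract.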