24195bf5fa
SVN-Revision: 29322
217 lines
5.5 KiB
Diff
217 lines
5.5 KiB
Diff
--- a/include/libbb.h
|
|
+++ b/include/libbb.h
|
|
@@ -1368,6 +1368,15 @@ pid_t *find_pid_by_name(const char* proc
|
|
pid_t *pidlist_reverse(pid_t *pidList) FAST_FUNC;
|
|
|
|
|
|
+/* Use strict=1 if you process input from untrusted source:
|
|
+ * it will return NULL on invalid %xx (bad hex chars)
|
|
+ * and str + 1 if decoded char is / or NUL.
|
|
+ * In non-strict mode, it always succeeds (returns str),
|
|
+ * and also it additionally decoded '+' to space.
|
|
+ */
|
|
+char *percent_decode_in_place(char *str, int strict) FAST_FUNC;
|
|
+
|
|
+
|
|
extern const char bb_uuenc_tbl_base64[];
|
|
extern const char bb_uuenc_tbl_std[];
|
|
void bb_uuencode(char *store, const void *s, int length, const char *tbl) FAST_FUNC;
|
|
--- a/libbb/Kbuild
|
|
+++ b/libbb/Kbuild
|
|
@@ -66,6 +66,7 @@ lib-y += mtab_file.o
|
|
lib-y += obscure.o
|
|
lib-y += parse_mode.o
|
|
lib-y += parse_config.o
|
|
+lib-y += percent_decode.o
|
|
lib-y += perror_msg.o
|
|
lib-y += perror_msg_and_die.o
|
|
lib-y += perror_nomsg.o
|
|
--- /dev/null
|
|
+++ b/libbb/percent_decode.c
|
|
@@ -0,0 +1,69 @@
|
|
+/* vi: set sw=4 ts=4: */
|
|
+/*
|
|
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
|
+ */
|
|
+
|
|
+//kbuild:lib-y += percent_decode.o
|
|
+
|
|
+#include "libbb.h"
|
|
+
|
|
+static unsigned hex_to_bin(unsigned char c)
|
|
+{
|
|
+ unsigned v;
|
|
+
|
|
+ v = c - '0';
|
|
+ if (v <= 9)
|
|
+ return v;
|
|
+ /* c | 0x20: letters to lower case, non-letters
|
|
+ * to (potentially different) non-letters */
|
|
+ v = (unsigned)(c | 0x20) - 'a';
|
|
+ if (v <= 5)
|
|
+ return v + 10;
|
|
+ return ~0;
|
|
+/* For testing:
|
|
+void t(char c) { printf("'%c'(%u) %u\n", c, c, hex_to_bin(c)); }
|
|
+int main() { t(0x10); t(0x20); t('0'); t('9'); t('A'); t('F'); t('a'); t('f');
|
|
+t('0'-1); t('9'+1); t('A'-1); t('F'+1); t('a'-1); t('f'+1); return 0; }
|
|
+*/
|
|
+}
|
|
+
|
|
+char* FAST_FUNC percent_decode_in_place(char *str, int strict)
|
|
+{
|
|
+ /* note that decoded string is always shorter than original */
|
|
+ char *src = str;
|
|
+ char *dst = str;
|
|
+ char c;
|
|
+
|
|
+ while ((c = *src++) != '\0') {
|
|
+ unsigned v;
|
|
+
|
|
+ if (!strict && c == '+') {
|
|
+ *dst++ = ' ';
|
|
+ continue;
|
|
+ }
|
|
+ if (c != '%') {
|
|
+ *dst++ = c;
|
|
+ continue;
|
|
+ }
|
|
+ v = hex_to_bin(src[0]);
|
|
+ if (v > 15) {
|
|
+ bad_hex:
|
|
+ if (strict)
|
|
+ return NULL;
|
|
+ *dst++ = '%';
|
|
+ continue;
|
|
+ }
|
|
+ v = (v * 16) | hex_to_bin(src[1]);
|
|
+ if (v > 255)
|
|
+ goto bad_hex;
|
|
+ if (strict && (v == '/' || v == '\0')) {
|
|
+ /* caller takes it as indication of invalid
|
|
+ * (dangerous wrt exploits) chars */
|
|
+ return str + 1;
|
|
+ }
|
|
+ *dst++ = v;
|
|
+ src += 2;
|
|
+ }
|
|
+ *dst = '\0';
|
|
+ return str;
|
|
+}
|
|
--- a/networking/httpd.c
|
|
+++ b/networking/httpd.c
|
|
@@ -785,78 +785,6 @@ static char *encodeString(const char *st
|
|
}
|
|
#endif /* FEATURE_HTTPD_ENCODE_URL_STR */
|
|
|
|
-/*
|
|
- * Given a URL encoded string, convert it to plain ascii.
|
|
- * Since decoding always makes strings smaller, the decode is done in-place.
|
|
- * Thus, callers should xstrdup() the argument if they do not want the
|
|
- * argument modified. The return is the original pointer, allowing this
|
|
- * function to be easily used as arguments to other functions.
|
|
- *
|
|
- * string The first string to decode.
|
|
- * option_d 1 if called for httpd -d
|
|
- *
|
|
- * Returns a pointer to the decoded string (same as input).
|
|
- */
|
|
-static unsigned hex_to_bin(unsigned char c)
|
|
-{
|
|
- unsigned v;
|
|
-
|
|
- v = c - '0';
|
|
- if (v <= 9)
|
|
- return v;
|
|
- /* c | 0x20: letters to lower case, non-letters
|
|
- * to (potentially different) non-letters */
|
|
- v = (unsigned)(c | 0x20) - 'a';
|
|
- if (v <= 5)
|
|
- return v + 10;
|
|
- return ~0;
|
|
-}
|
|
-/* For testing:
|
|
-void t(char c) { printf("'%c'(%u) %u\n", c, c, hex_to_bin(c)); }
|
|
-int main() { t(0x10); t(0x20); t('0'); t('9'); t('A'); t('F'); t('a'); t('f');
|
|
-t('0'-1); t('9'+1); t('A'-1); t('F'+1); t('a'-1); t('f'+1); return 0; }
|
|
-*/
|
|
-static char *decodeString(char *orig, int option_d)
|
|
-{
|
|
- /* note that decoded string is always shorter than original */
|
|
- char *string = orig;
|
|
- char *ptr = string;
|
|
- char c;
|
|
-
|
|
- while ((c = *ptr++) != '\0') {
|
|
- unsigned v;
|
|
-
|
|
- if (option_d && c == '+') {
|
|
- *string++ = ' ';
|
|
- continue;
|
|
- }
|
|
- if (c != '%') {
|
|
- *string++ = c;
|
|
- continue;
|
|
- }
|
|
- v = hex_to_bin(ptr[0]);
|
|
- if (v > 15) {
|
|
- bad_hex:
|
|
- if (!option_d)
|
|
- return NULL;
|
|
- *string++ = '%';
|
|
- continue;
|
|
- }
|
|
- v = (v * 16) | hex_to_bin(ptr[1]);
|
|
- if (v > 255)
|
|
- goto bad_hex;
|
|
- if (!option_d && (v == '/' || v == '\0')) {
|
|
- /* caller takes it as indication of invalid
|
|
- * (dangerous wrt exploits) chars */
|
|
- return orig + 1;
|
|
- }
|
|
- *string++ = v;
|
|
- ptr += 2;
|
|
- }
|
|
- *string = '\0';
|
|
- return orig;
|
|
-}
|
|
-
|
|
#if ENABLE_FEATURE_HTTPD_BASIC_AUTH
|
|
/*
|
|
* Decode a base64 data stream as per rfc1521.
|
|
@@ -1876,7 +1804,7 @@ static void handle_incoming_and_exit(con
|
|
}
|
|
|
|
/* Decode URL escape sequences */
|
|
- tptr = decodeString(urlcopy, 0);
|
|
+ tptr = percent_decode_in_place(urlcopy, /*strict:*/ 1);
|
|
if (tptr == NULL)
|
|
send_headers_and_exit(HTTP_BAD_REQUEST);
|
|
if (tptr == urlcopy + 1) {
|
|
@@ -2319,7 +2247,7 @@ int httpd_main(int argc UNUSED_PARAM, ch
|
|
, &verbose
|
|
);
|
|
if (opt & OPT_DECODE_URL) {
|
|
- fputs(decodeString(url_for_decode, 1), stdout);
|
|
+ fputs(percent_decode_in_place(url_for_decode, /*strict:*/ 0), stdout);
|
|
return 0;
|
|
}
|
|
#if ENABLE_FEATURE_HTTPD_ENCODE_URL_STR
|
|
--- a/networking/wget.c
|
|
+++ b/networking/wget.c
|
|
@@ -373,8 +373,13 @@ static void parse_url(char *src_url, str
|
|
sp = strrchr(h->host, '@');
|
|
h->user = NULL;
|
|
if (sp != NULL) {
|
|
- h->user = h->host;
|
|
+ // URL-decode "user:password" string before base64-encoding:
|
|
+ // wget http://test:my%20pass@example.com should send
|
|
+ // Authorization: Basic dGVzdDpteSBwYXNz
|
|
+ // which decodes to "test:my pass".
|
|
+ // Standard wget and curl do this too.
|
|
*sp = '\0';
|
|
+ h->user = percent_decode_in_place(h->host, /*strict:*/ 0);
|
|
h->host = sp + 1;
|
|
}
|
|
|