RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-01-17 04:52:59 +01:00
Code Releases Activity

uri_parser: check boundaries if host is empty, but userinfo exists

Browse Source
This commit is contained in:
Cenk Gündoğan 2021-02-04 16:17:58 +01:00
parent 07f1254d85
commit f9b8fadd85
No known key found for this signature in database
GPG Key ID: A3DBC2F744D484D2
1 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
sys/uri_parser/uri_parser.c
View File

@ -75,9 +75,16 @@ void _consume_userinfo(uri_parser_result_t *result, char *uri,
if (userinfo_end) {
result->userinfo = uri;
result->userinfo_len = userinfo_end - uri;
/* shift host part beyond userinfo and '@' */
result->host += result->userinfo_len + 1;
result->host_len -= result->userinfo_len + 1;
/* shift host part beyond userinfo and '@', but only if possible */
unsigned offset = result->userinfo_len + 1;
if ((result->host + offset) > authority_end) {
result->host_len = 0;
return;
}
result->host_len -= offset;
result->host += offset;
}
}
@ -125,6 +132,11 @@ static char *_consume_authority(uri_parser_result_t *result, char *uri,
/* consume userinfo, if available */
_consume_userinfo(result, uri, authority_end);
/* host is empty */
if (result->host_len == 0) {
return authority_end;
}
char *ipv6_end = NULL;
/* validate IPv6 form */
if (result->host[0] == '[') {