From ae14556114dcae29f679db7c15f0bc9b707bb89a Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 15 Apr 2018 07:29:18 +0200 Subject: moebius#130: URL parser - fix: don't allow empty host name https://github.com/MoonchildProductions/moebius/issues/130 --- netwerk/base/nsStandardURL.cpp | 31 +++++++++++++++++++++---------- netwerk/test/unit/test_URIs.js | 24 ------------------------ netwerk/test/unit/test_standardurl.js | 8 ++++++++ 3 files changed, 29 insertions(+), 34 deletions(-) (limited to 'netwerk') diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp index bc1350f28..983e938ca 100644 --- a/netwerk/base/nsStandardURL.cpp +++ b/netwerk/base/nsStandardURL.cpp @@ -1483,6 +1483,11 @@ nsStandardURL::SetSpec(const nsACString &input) rv = BuildNormalizedSpec(spec); } + // Make sure that a URLTYPE_AUTHORITY has a non-empty hostname. + if (mURLType == URLTYPE_AUTHORITY && mHost.mLen == -1) { + rv = NS_ERROR_MALFORMED_URI; + } + if (NS_FAILED(rv)) { Clear(); // If parsing the spec has failed, restore the old URL @@ -3092,20 +3097,26 @@ nsStandardURL::SetFile(nsIFile *file) rv = net_GetURLSpecFromFile(file, url); if (NS_FAILED(rv)) return rv; - SetSpec(url); + uint32_t oldURLType = mURLType; + uint32_t oldDefaultPort = mDefaultPort; + rv = Init(nsIStandardURL::URLTYPE_NO_AUTHORITY, -1, url, nullptr, nullptr); - rv = Init(mURLType, mDefaultPort, url, nullptr, nullptr); + if (NS_FAILED(rv)) { + // Restore the old url type and default port if the call to Init fails. + mURLType = oldURLType; + mDefaultPort = oldDefaultPort; + return rv; + } // must clone |file| since its value is not guaranteed to remain constant - if (NS_SUCCEEDED(rv)) { - InvalidateCache(); - if (NS_FAILED(file->Clone(getter_AddRefs(mFile)))) { - NS_WARNING("nsIFile::Clone failed"); - // failure to clone is not fatal (GetFile will generate mFile) - mFile = nullptr; - } + InvalidateCache(); + if (NS_FAILED(file->Clone(getter_AddRefs(mFile)))) { + NS_WARNING("nsIFile::Clone failed"); + // failure to clone is not fatal (GetFile will generate mFile) + mFile = nullptr; } - return rv; + + return NS_OK; } //---------------------------------------------------------------------------- diff --git a/netwerk/test/unit/test_URIs.js b/netwerk/test/unit/test_URIs.js index b68c4f787..5bc7fe432 100644 --- a/netwerk/test/unit/test_URIs.js +++ b/netwerk/test/unit/test_URIs.js @@ -92,18 +92,6 @@ var gTests = [ ref: "", relativeURI: "data/text/plain,2", nsIURL: true, nsINestedURI: false }, - { spec: "ftp://", - scheme: "ftp", - prePath: "ftp://", - path: "/", - ref: "", - nsIURL: true, nsINestedURI: false }, - { spec: "ftp:///", - scheme: "ftp", - prePath: "ftp://", - path: "/", - ref: "", - nsIURL: true, nsINestedURI: false }, { spec: "ftp://ftp.mozilla.org/pub/mozilla.org/README", scheme: "ftp", prePath: "ftp://ftp.mozilla.org", @@ -135,18 +123,6 @@ var gTests = [ path: "//mozilla.org/", ref: "", nsIURL: false, nsINestedURI: false }, - { spec: "http://", - scheme: "http", - prePath: "http://", - path: "/", - ref: "", - nsIURL: true, nsINestedURI: false }, - { spec: "http:///", - scheme: "http", - prePath: "http://", - path: "/", - ref: "", - nsIURL: true, nsINestedURI: false }, { spec: "http://www.example.com/", scheme: "http", prePath: "http://www.example.com", diff --git a/netwerk/test/unit/test_standardurl.js b/netwerk/test/unit/test_standardurl.js index c4d44f41f..a1a320721 100644 --- a/netwerk/test/unit/test_standardurl.js +++ b/netwerk/test/unit/test_standardurl.js @@ -335,6 +335,14 @@ add_test(function test_backslashReplacement() run_next_test(); }); +add_test(function test_authority_host() +{ + Assert.throws(() => { stringToURL("http:"); }, "TYPE_AUTHORITY should have host"); + Assert.throws(() => { stringToURL("http:///"); }, "TYPE_AUTHORITY should have host"); + + run_next_test(); +}); + add_test(function test_trim_C0_and_space() { var url = stringToURL("\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f http://example.com/ \x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f "); -- cgit v1.2.3