From ec08e2f9f24da5974be1ab222c5703fd9fb3722f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 30 Sep 2007 22:40:24 +0000 Subject: [PATCH] Alex Fishman reported a curl_easy_escape() problem that was made the function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a signed / unsigned mistake in the code. I fixed it and added test case 543 to verify. --- CHANGES | 6 ++++++ RELEASE-NOTES | 5 +++-- lib/escape.c | 4 ++-- tests/data/Makefile.am | 2 +- tests/data/test543 | 35 +++++++++++++++++++++++++++++++++++ tests/libtest/Makefile.am | 4 +++- tests/libtest/lib543.c | 32 ++++++++++++++++++++++++++++++++ 7 files changed, 82 insertions(+), 6 deletions(-) create mode 100644 tests/data/test543 create mode 100644 tests/libtest/lib543.c diff --git a/CHANGES b/CHANGES index a53e60f8ea..1f9a876f94 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,12 @@ Changelog +Daniel S (1 October 2007) +- Alex Fishman reported a curl_easy_escape() problem that was made the + function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a + signed / unsigned mistake in the code. I fixed it and added test case 543 to + verify. + Daniel S (29 September 2007) - Immanuel Gregoire fixed a problem with persistent transfers over SFTP. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 5618ae5028..d9110206d6 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -27,7 +27,8 @@ This release includes the following bugfixes: o --ftp-method nocwd on directory listings o FTP, CURLOPT_NOBODY enabled and CURLOPT_HEADER disabled now does TYPE before SIZE - o persistent transfers over SFTP + o re-used handle transfers with SFTP + o curl_easy_escape() problem with byte values >= 128 This release includes the following known bugs: @@ -45,6 +46,6 @@ This release would not have looked like this without help, code, reports and advice from friends like these: Dan Fandrich, Michal Marek, Günter Knauf, Rob Crittenden, Immanuel Gregoire, - Mark Davies, Max Katsev, Philip Langdale + Mark Davies, Max Katsev, Philip Langdale, Alex Fishman Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/escape.c b/lib/escape.c index fd08451de8..ec9883f11f 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2006, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2007, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -59,7 +59,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength) size_t alloc = (inlength?(size_t)inlength:strlen(string))+1; char *ns; char *testing_ptr = NULL; - char in; + unsigned char in; /* we need to treat the characters unsigned */ size_t newlen = alloc; int strindex=0; size_t length; diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 22ddb7f2ca..994e5dfd11 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -44,4 +44,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \ test409 test613 test614 test700 test701 test702 test704 test705 test703 \ test706 test707 test350 test351 test352 test353 test289 test540 test354 \ test231 test1000 test1001 test1002 test1003 test1004 test1005 test1006 \ - test615 test1007 test541 test1010 test1011 test1012 + test615 test1007 test541 test1010 test1011 test1012 test542 test543 diff --git a/tests/data/test543 b/tests/data/test543 new file mode 100644 index 0000000000..4556330375 --- /dev/null +++ b/tests/data/test543 @@ -0,0 +1,35 @@ + + + +curl_easy_escape + + +# Server-side + +# Client-side + + +none + + +lib543 + + +curl_easy_escape + + +- + + + + +# Verify data after the test has been "shot" +# +# There's no MTDM in the protocol here since this code doesn't ask for the +# time/date of the file + + +%9C%26K%3DI%04%A1%01%E0%D8%7C%20%B7%EFS%29%FA%1DW%E1 + + + diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am index 395564a6ed..f0fb24ed0d 100644 --- a/tests/libtest/Makefile.am +++ b/tests/libtest/Makefile.am @@ -47,7 +47,7 @@ SUPPORTFILES = first.c test.h noinst_PROGRAMS = lib500 lib501 lib502 lib503 lib504 lib505 lib506 \ lib507 lib508 lib509 lib510 lib511 lib512 lib513 lib514 lib515 lib516 \ lib517 lib518 lib519 lib520 lib521 lib523 lib524 lib525 lib526 lib527 \ - lib529 lib530 lib532 lib533 lib536 lib537 lib540 lib541 lib542 + lib529 lib530 lib532 lib533 lib536 lib537 lib540 lib541 lib542 lib543 # Dependencies (may need to be overriden) LDADD = $(LIBDIR)/libcurl.la @@ -130,3 +130,5 @@ lib540_SOURCES = lib540.c $(SUPPORTFILES) lib541_SOURCES = lib541.c $(SUPPORTFILES) lib542_SOURCES = lib542.c $(SUPPORTFILES) + +lib543_SOURCES = lib543.c $(SUPPORTFILES) diff --git a/tests/libtest/lib543.c b/tests/libtest/lib543.c new file mode 100644 index 0000000000..2e930d2d6b --- /dev/null +++ b/tests/libtest/lib543.c @@ -0,0 +1,32 @@ +/***************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * $Id$ + * + * Based on Alex Fishman's bug report on September 30, 2007 + */ + +#include "setup.h" +#include "test.h" + +int test(char *URL) +{ + unsigned char a[] = {0x9c, 0x26, 0x4b, 0x3d, 0x49, 0x4, 0xa1, 0x1, + 0xe0, 0xd8, 0x7c, 0x20, 0xb7, 0xef, 0x53, 0x29, 0xfa, + 0x1d, 0x57, 0xe1}; + + CURL* easy = curl_easy_init(); + char* s = curl_easy_escape(easy, (char*)a, sizeof(a)); + (void)URL; + + printf("%s\n", s); + + curl_free(s); + curl_easy_cleanup(easy); + + return 0; +}