diff options
author | Christian Grothoff <christian@grothoff.org> | 2024-01-09 19:29:39 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2024-01-09 19:29:39 +0100 |
commit | 57ba1868520f09b41e08cfd79b89477efb9bce7d (patch) | |
tree | 90b8df48123c628caf947cb895a81d9cc94771c7 /src | |
parent | 1a82df7c16968a237ce3d652db035dbfdfb07b50 (diff) | |
download | gnunet-57ba1868520f09b41e08cfd79b89477efb9bce7d.tar.gz gnunet-57ba1868520f09b41e08cfd79b89477efb9bce7d.zip |
fix #8052
Diffstat (limited to 'src')
-rw-r--r-- | src/include/gnunet_strings_lib.h | 4 | ||||
-rw-r--r-- | src/lib/hello/hello-uri.c | 4 | ||||
-rw-r--r-- | src/lib/util/strings.c | 54 | ||||
-rw-r--r-- | src/lib/util/test_strings.c | 8 | ||||
-rw-r--r-- | src/plugin/reclaim/pabc_helper.c | 16 | ||||
-rw-r--r-- | src/service/rest/openid_plugin.c | 18 |
6 files changed, 80 insertions, 24 deletions
diff --git a/src/include/gnunet_strings_lib.h b/src/include/gnunet_strings_lib.h index f5aaf7014..36dfe9c12 100644 --- a/src/include/gnunet_strings_lib.h +++ b/src/include/gnunet_strings_lib.h | |||
@@ -417,8 +417,8 @@ GNUNET_STRINGS_base64_encode (const void *in, | |||
417 | * @return the size of the output | 417 | * @return the size of the output |
418 | */ | 418 | */ |
419 | size_t | 419 | size_t |
420 | GNUNET_STRINGS_urlencode (const char *data, | 420 | GNUNET_STRINGS_urlencode (size_t len, |
421 | size_t len, | 421 | const char data[static len], |
422 | char **out); | 422 | char **out); |
423 | 423 | ||
424 | 424 | ||
diff --git a/src/lib/hello/hello-uri.c b/src/lib/hello/hello-uri.c index 2e99d701a..49acaf7a9 100644 --- a/src/lib/hello/hello-uri.c +++ b/src/lib/hello/hello-uri.c | |||
@@ -759,8 +759,8 @@ GNUNET_HELLO_builder_to_url (const struct GNUNET_HELLO_Builder *builder, | |||
759 | } | 759 | } |
760 | pfx_len = eou - a->uri; | 760 | pfx_len = eou - a->uri; |
761 | eou += 3; | 761 | eou += 3; |
762 | GNUNET_STRINGS_urlencode (eou, | 762 | GNUNET_STRINGS_urlencode (a->uri_len - 4 - pfx_len, |
763 | a->uri_len - 4 - pfx_len, | 763 | eou, |
764 | &ue); | 764 | &ue); |
765 | GNUNET_asprintf (&tmp, | 765 | GNUNET_asprintf (&tmp, |
766 | "%s%s%.*s=%s", | 766 | "%s%s%.*s=%s", |
diff --git a/src/lib/util/strings.c b/src/lib/util/strings.c index 493d20f1e..8498e74d3 100644 --- a/src/lib/util/strings.c +++ b/src/lib/util/strings.c | |||
@@ -1860,15 +1860,23 @@ GNUNET_STRINGS_urldecode (const char *data, | |||
1860 | 1860 | ||
1861 | 1861 | ||
1862 | size_t | 1862 | size_t |
1863 | GNUNET_STRINGS_urlencode (const char *data, | 1863 | GNUNET_STRINGS_urlencode (size_t len, |
1864 | size_t len, | 1864 | const char data[static len], |
1865 | char **out) | 1865 | char **out) |
1866 | { | 1866 | { |
1867 | struct GNUNET_Buffer buf = { 0 }; | 1867 | struct GNUNET_Buffer buf = { 0 }; |
1868 | const uint8_t *i8 = (uint8_t *) data; | 1868 | const uint8_t *i8 = (uint8_t *) data; |
1869 | const uint8_t *end = (uint8_t *) (data + len); | ||
1869 | 1870 | ||
1870 | while (0 != *i8) | 1871 | while (end != i8) |
1871 | { | 1872 | { |
1873 | if (0 == *i8) | ||
1874 | { | ||
1875 | /* invalid UTF-8 (or bad @a len): fail */ | ||
1876 | GNUNET_break (0); | ||
1877 | GNUNET_buffer_clear (&buf); | ||
1878 | return 0; | ||
1879 | } | ||
1872 | if (0 == (0x80 & *i8)) | 1880 | if (0 == (0x80 & *i8)) |
1873 | { | 1881 | { |
1874 | /* traditional ASCII */ | 1882 | /* traditional ASCII */ |
@@ -1900,6 +1908,14 @@ GNUNET_STRINGS_urlencode (const char *data, | |||
1900 | *i8 >> 4, | 1908 | *i8 >> 4, |
1901 | *i8 & 15); | 1909 | *i8 & 15); |
1902 | i8++; | 1910 | i8++; |
1911 | if ( (end == i8) || | ||
1912 | (0 == *i8) ) | ||
1913 | { | ||
1914 | /* invalid UTF-8 (or bad @a len): fail */ | ||
1915 | GNUNET_break (0); | ||
1916 | GNUNET_buffer_clear (&buf); | ||
1917 | return 0; | ||
1918 | } | ||
1903 | GNUNET_buffer_write_fstr (&buf, | 1919 | GNUNET_buffer_write_fstr (&buf, |
1904 | "%%%X%X", | 1920 | "%%%X%X", |
1905 | *i8 >> 4, | 1921 | *i8 >> 4, |
@@ -1912,6 +1928,14 @@ GNUNET_STRINGS_urlencode (const char *data, | |||
1912 | /* 3-byte value, percent-encode */ | 1928 | /* 3-byte value, percent-encode */ |
1913 | for (unsigned int i = 0; i<3; i++) | 1929 | for (unsigned int i = 0; i<3; i++) |
1914 | { | 1930 | { |
1931 | if ( (end == i8) || | ||
1932 | (0 == *i8) ) | ||
1933 | { | ||
1934 | /* invalid UTF-8 (or bad @a len): fail */ | ||
1935 | GNUNET_break (0); | ||
1936 | GNUNET_buffer_clear (&buf); | ||
1937 | return 0; | ||
1938 | } | ||
1915 | GNUNET_buffer_write_fstr (&buf, | 1939 | GNUNET_buffer_write_fstr (&buf, |
1916 | "%%%X%X", | 1940 | "%%%X%X", |
1917 | *i8 >> 4, | 1941 | *i8 >> 4, |
@@ -1925,6 +1949,14 @@ GNUNET_STRINGS_urlencode (const char *data, | |||
1925 | /* 4-byte value, percent-encode */ | 1949 | /* 4-byte value, percent-encode */ |
1926 | for (unsigned int i = 0; i<4; i++) | 1950 | for (unsigned int i = 0; i<4; i++) |
1927 | { | 1951 | { |
1952 | if ( (end == i8) || | ||
1953 | (0 == *i8) ) | ||
1954 | { | ||
1955 | /* invalid UTF-8 (or bad @a len): fail */ | ||
1956 | GNUNET_break (0); | ||
1957 | GNUNET_buffer_clear (&buf); | ||
1958 | return 0; | ||
1959 | } | ||
1928 | GNUNET_buffer_write_fstr (&buf, | 1960 | GNUNET_buffer_write_fstr (&buf, |
1929 | "%%%X%X", | 1961 | "%%%X%X", |
1930 | *i8 >> 4, | 1962 | *i8 >> 4, |
@@ -1939,6 +1971,14 @@ GNUNET_STRINGS_urlencode (const char *data, | |||
1939 | /* 5-byte value, percent-encode (outside of UTF-8 modern standard, but so what) */ | 1971 | /* 5-byte value, percent-encode (outside of UTF-8 modern standard, but so what) */ |
1940 | for (unsigned int i = 0; i<5; i++) | 1972 | for (unsigned int i = 0; i<5; i++) |
1941 | { | 1973 | { |
1974 | if ( (end == i8) || | ||
1975 | (0 == *i8) ) | ||
1976 | { | ||
1977 | /* invalid UTF-8 (or bad @a len): fail */ | ||
1978 | GNUNET_break (0); | ||
1979 | GNUNET_buffer_clear (&buf); | ||
1980 | return 0; | ||
1981 | } | ||
1942 | GNUNET_buffer_write_fstr (&buf, | 1982 | GNUNET_buffer_write_fstr (&buf, |
1943 | "%%%X%X", | 1983 | "%%%X%X", |
1944 | *i8 >> 4, | 1984 | *i8 >> 4, |
@@ -1954,6 +1994,14 @@ GNUNET_STRINGS_urlencode (const char *data, | |||
1954 | /* 6-byte value, percent-encode (outside of UTF-8 modern standard, but so what) */ | 1994 | /* 6-byte value, percent-encode (outside of UTF-8 modern standard, but so what) */ |
1955 | for (unsigned int i = 0; i<6; i++) | 1995 | for (unsigned int i = 0; i<6; i++) |
1956 | { | 1996 | { |
1997 | if ( (end == i8) || | ||
1998 | (0 == *i8) ) | ||
1999 | { | ||
2000 | /* invalid UTF-8 (or bad @a len): fail */ | ||
2001 | GNUNET_break (0); | ||
2002 | GNUNET_buffer_clear (&buf); | ||
2003 | return 0; | ||
2004 | } | ||
1957 | GNUNET_buffer_write_fstr (&buf, | 2005 | GNUNET_buffer_write_fstr (&buf, |
1958 | "%%%X%X", | 2006 | "%%%X%X", |
1959 | *i8 >> 4, | 2007 | *i8 >> 4, |
diff --git a/src/lib/util/test_strings.c b/src/lib/util/test_strings.c index 0e39b9958..e55741040 100644 --- a/src/lib/util/test_strings.c +++ b/src/lib/util/test_strings.c | |||
@@ -149,16 +149,16 @@ main (int argc, char *argv[]) | |||
149 | GNUNET_STRINGS_fancy_time_to_relative ("15 m", &rtx)); | 149 | GNUNET_STRINGS_fancy_time_to_relative ("15 m", &rtx)); |
150 | GNUNET_assert (rt.rel_value_us == rtx.rel_value_us); | 150 | GNUNET_assert (rt.rel_value_us == rtx.rel_value_us); |
151 | 151 | ||
152 | GNUNET_assert (0 != GNUNET_STRINGS_urlencode (URLENCODE_TEST_VECTOR_PLAIN, | 152 | GNUNET_assert (0 != GNUNET_STRINGS_urlencode (strlen ( |
153 | strlen ( | ||
154 | URLENCODE_TEST_VECTOR_PLAIN), | 153 | URLENCODE_TEST_VECTOR_PLAIN), |
154 | URLENCODE_TEST_VECTOR_PLAIN, | ||
155 | &b)); | 155 | &b)); |
156 | WANT (URLENCODE_TEST_VECTOR_ENCODED, b); | 156 | WANT (URLENCODE_TEST_VECTOR_ENCODED, b); |
157 | GNUNET_free (b); | 157 | GNUNET_free (b); |
158 | GNUNET_assert (0 != | 158 | GNUNET_assert (0 != |
159 | GNUNET_STRINGS_urldecode (URLENCODE_TEST_VECTOR_ENCODED, | 159 | GNUNET_STRINGS_urldecode (strlen ( |
160 | strlen ( | ||
161 | URLENCODE_TEST_VECTOR_ENCODED), | 160 | URLENCODE_TEST_VECTOR_ENCODED), |
161 | URLENCODE_TEST_VECTOR_ENCODED, | ||
162 | &b)); | 162 | &b)); |
163 | WANT (URLENCODE_TEST_VECTOR_PLAIN, b); | 163 | WANT (URLENCODE_TEST_VECTOR_PLAIN, b); |
164 | GNUNET_free (b); | 164 | GNUNET_free (b); |
diff --git a/src/plugin/reclaim/pabc_helper.c b/src/plugin/reclaim/pabc_helper.c index 65a633f7b..d7688e9e1 100644 --- a/src/plugin/reclaim/pabc_helper.c +++ b/src/plugin/reclaim/pabc_helper.c | |||
@@ -145,7 +145,9 @@ PABC_load_public_parameters (struct pabc_context *const ctx, | |||
145 | if (pp_name == NULL) | 145 | if (pp_name == NULL) |
146 | return GNUNET_SYSERR; | 146 | return GNUNET_SYSERR; |
147 | 147 | ||
148 | GNUNET_STRINGS_urlencode (pp_name, strlen (pp_name), &pp_filename); | 148 | GNUNET_STRINGS_urlencode (strlen (pp_name), |
149 | pp_name, | ||
150 | &pp_filename); | ||
149 | if (GNUNET_YES != GNUNET_DISK_directory_test (pdir, GNUNET_YES)) | 151 | if (GNUNET_YES != GNUNET_DISK_directory_test (pdir, GNUNET_YES)) |
150 | { | 152 | { |
151 | GNUNET_free (pp_filename); | 153 | GNUNET_free (pp_filename); |
@@ -177,7 +179,9 @@ PABC_write_public_parameters (char const *const pp_name, | |||
177 | enum pabc_status status; | 179 | enum pabc_status status; |
178 | struct pabc_context *ctx = NULL; | 180 | struct pabc_context *ctx = NULL; |
179 | 181 | ||
180 | GNUNET_STRINGS_urlencode (pp_name, strlen (pp_name), &pp_filename); | 182 | GNUNET_STRINGS_urlencode (strlen (pp_name), |
183 | pp_name, | ||
184 | &pp_filename); | ||
181 | PABC_ASSERT (pabc_new_ctx (&ctx)); | 185 | PABC_ASSERT (pabc_new_ctx (&ctx)); |
182 | // store in json file | 186 | // store in json file |
183 | status = pabc_encode_public_parameters (ctx, pp, &json); | 187 | status = pabc_encode_public_parameters (ctx, pp, &json); |
@@ -258,7 +262,9 @@ PABC_write_usr_ctx (char const *const usr_name, | |||
258 | return GNUNET_SYSERR; | 262 | return GNUNET_SYSERR; |
259 | } | 263 | } |
260 | 264 | ||
261 | GNUNET_STRINGS_urlencode (pp_name, strlen (pp_name), &pp_filename); | 265 | GNUNET_STRINGS_urlencode (strlen (pp_name), |
266 | pp_name, | ||
267 | &pp_filename); | ||
262 | status = pabc_encode_user_ctx (ctx, pp, usr_ctx, &json); | 268 | status = pabc_encode_user_ctx (ctx, pp, usr_ctx, &json); |
263 | if (PABC_OK != status) | 269 | if (PABC_OK != status) |
264 | { | 270 | { |
@@ -329,7 +335,9 @@ PABC_read_usr_ctx (char const *const usr_name, | |||
329 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No user context given.\n"); | 335 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No user context given.\n"); |
330 | return GNUNET_SYSERR; | 336 | return GNUNET_SYSERR; |
331 | } | 337 | } |
332 | GNUNET_STRINGS_urlencode (pp_name, strlen (pp_name), &pp_filename); | 338 | GNUNET_STRINGS_urlencode (strlen (pp_name), |
339 | pp_name, | ||
340 | &pp_filename); | ||
333 | 341 | ||
334 | size_t fname_size = strlen (get_pabcdir ()) + 1 + strlen (usr_name) + 1 | 342 | size_t fname_size = strlen (get_pabcdir ()) + 1 + strlen (usr_name) + 1 |
335 | + strlen (pp_filename) + strlen (PABC_USR_EXT) + 1; | 343 | + strlen (pp_filename) + strlen (PABC_USR_EXT) + 1; |
diff --git a/src/service/rest/openid_plugin.c b/src/service/rest/openid_plugin.c index a4f082d2a..61904494b 100644 --- a/src/service/rest/openid_plugin.c +++ b/src/service/rest/openid_plugin.c | |||
@@ -242,7 +242,7 @@ | |||
242 | * How long to wait for a consume in userinfo endpoint | 242 | * How long to wait for a consume in userinfo endpoint |
243 | */ | 243 | */ |
244 | #define CONSUME_TIMEOUT GNUNET_TIME_relative_multiply ( \ | 244 | #define CONSUME_TIMEOUT GNUNET_TIME_relative_multiply ( \ |
245 | GNUNET_TIME_UNIT_SECONDS,2) | 245 | GNUNET_TIME_UNIT_SECONDS,2) |
246 | 246 | ||
247 | /** | 247 | /** |
248 | * OIDC ignored parameter array | 248 | * OIDC ignored parameter array |
@@ -1022,16 +1022,16 @@ login_redirect (void *cls) | |||
1022 | "&%s=%s", | 1022 | "&%s=%s", |
1023 | OIDC_CLIENT_ID_KEY, | 1023 | OIDC_CLIENT_ID_KEY, |
1024 | handle->oidc->client_id); | 1024 | handle->oidc->client_id); |
1025 | GNUNET_STRINGS_urlencode (handle->oidc->redirect_uri, | 1025 | GNUNET_STRINGS_urlencode (strlen (handle->oidc->redirect_uri), |
1026 | strlen (handle->oidc->redirect_uri), | 1026 | handle->oidc->redirect_uri, |
1027 | &tmp); | 1027 | &tmp); |
1028 | GNUNET_buffer_write_fstr (&buf, | 1028 | GNUNET_buffer_write_fstr (&buf, |
1029 | "&%s=%s", | 1029 | "&%s=%s", |
1030 | OIDC_REDIRECT_URI_KEY, | 1030 | OIDC_REDIRECT_URI_KEY, |
1031 | tmp); | 1031 | tmp); |
1032 | GNUNET_free (tmp); | 1032 | GNUNET_free (tmp); |
1033 | GNUNET_STRINGS_urlencode (handle->oidc->scope, | 1033 | GNUNET_STRINGS_urlencode (strlen (handle->oidc->scope), |
1034 | strlen (handle->oidc->scope), | 1034 | handle->oidc->scope, |
1035 | &tmp); | 1035 | &tmp); |
1036 | GNUNET_buffer_write_fstr (&buf, | 1036 | GNUNET_buffer_write_fstr (&buf, |
1037 | "&%s=%s", | 1037 | "&%s=%s", |
@@ -1040,8 +1040,8 @@ login_redirect (void *cls) | |||
1040 | GNUNET_free (tmp); | 1040 | GNUNET_free (tmp); |
1041 | if (NULL != handle->oidc->state) | 1041 | if (NULL != handle->oidc->state) |
1042 | { | 1042 | { |
1043 | GNUNET_STRINGS_urlencode (handle->oidc->state, | 1043 | GNUNET_STRINGS_urlencode (strlen (handle->oidc->state), |
1044 | strlen (handle->oidc->state), | 1044 | handle->oidc->state, |
1045 | &tmp); | 1045 | &tmp); |
1046 | GNUNET_buffer_write_fstr (&buf, | 1046 | GNUNET_buffer_write_fstr (&buf, |
1047 | "&%s=%s", | 1047 | "&%s=%s", |
@@ -1065,8 +1065,8 @@ login_redirect (void *cls) | |||
1065 | } | 1065 | } |
1066 | if (NULL != handle->oidc->claims) | 1066 | if (NULL != handle->oidc->claims) |
1067 | { | 1067 | { |
1068 | GNUNET_STRINGS_urlencode (handle->oidc->claims, | 1068 | GNUNET_STRINGS_urlencode (strlen (handle->oidc->claims), |
1069 | strlen (handle->oidc->claims), | 1069 | handle->oidc->claims, |
1070 | &tmp); | 1070 | &tmp); |
1071 | GNUNET_buffer_write_fstr (&buf, | 1071 | GNUNET_buffer_write_fstr (&buf, |
1072 | "&%s=%s", | 1072 | "&%s=%s", |