Browse Source

[uri] Apply URI decoding for all parsed URIs

The various early-exit paths in parse_uri() accidentally bypass the
URI field decoding.  The result is that opaque or relative URIs do not
undergo URI field decoding, resulting in double-encoding when the URIs
are subsequently used.  For example:

  #!ipxe
  set mac ${macstring}
  imgfetch /boot/by-mac/${mac:uristring}

would result in an HTTP GET such as

  GET /boot/by-mac/00%253A0c%253A29%253Ac5%253A39%253Aa1 HTTP/1.1

rather than the expected

  GET /boot/by-mac/00%3A0c%3A29%3Ac5%3A39%3Aa1 HTTP/1.1

Fix by ensuring that URI decoding is always applied regardless of the
URI format.

Reported-by: Andrew Widdersheim <awiddersheim@inetu.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 8 years ago
parent
commit
e55ec845e6
2 changed files with 15 additions and 1 deletions
  1. 1
    1
      src/core/uri.c
  2. 14
    0
      src/tests/uri_test.c

+ 1
- 1
src/core/uri.c View File

419
 		uri->port = tmp;
419
 		uri->port = tmp;
420
 	}
420
 	}
421
 
421
 
422
+ done:
422
 	/* Decode fields in-place */
423
 	/* Decode fields in-place */
423
 	for ( field = 0 ; field < URI_FIELDS ; field++ )
424
 	for ( field = 0 ; field < URI_FIELDS ; field++ )
424
 		uri_decode_inplace ( uri, field );
425
 		uri_decode_inplace ( uri, field );
425
 
426
 
426
- done:
427
 	DBGC ( uri, "URI parsed \"%s\" to", uri_string );
427
 	DBGC ( uri, "URI parsed \"%s\" to", uri_string );
428
 	uri_dump ( uri );
428
 	uri_dump ( uri );
429
 	DBGC ( uri, "\n" );
429
 	DBGC ( uri, "\n" );

+ 14
- 0
src/tests/uri_test.c View File

499
 	{ .scheme = "mailto", .opaque = "ipxe-devel@lists.ipxe.org" }
499
 	{ .scheme = "mailto", .opaque = "ipxe-devel@lists.ipxe.org" }
500
 };
500
 };
501
 
501
 
502
+/** Basic path-only URI */
503
+static struct uri_test uri_path = {
504
+	"/var/lib/tftpboot/pxelinux.0",
505
+	{ .path = "/var/lib/tftpboot/pxelinux.0" },
506
+};
507
+
508
+/** Path-only URI with escaped characters */
509
+static struct uri_test uri_path_escaped = {
510
+	"/hello%20world%3F",
511
+	{ .path = "/hello world?" },
512
+};
513
+
502
 /** HTTP URI with all the trimmings */
514
 /** HTTP URI with all the trimmings */
503
 static struct uri_test uri_http_all = {
515
 static struct uri_test uri_http_all = {
504
 	"http://anon:password@example.com:3001/~foo/cgi-bin/foo.pl?a=b&c=d#bit",
516
 	"http://anon:password@example.com:3001/~foo/cgi-bin/foo.pl?a=b&c=d#bit",
877
 	uri_parse_format_dup_ok ( &uri_empty );
889
 	uri_parse_format_dup_ok ( &uri_empty );
878
 	uri_parse_format_dup_ok ( &uri_boot_ipxe_org );
890
 	uri_parse_format_dup_ok ( &uri_boot_ipxe_org );
879
 	uri_parse_format_dup_ok ( &uri_mailto );
891
 	uri_parse_format_dup_ok ( &uri_mailto );
892
+	uri_parse_format_dup_ok ( &uri_path );
893
+	uri_parse_format_dup_ok ( &uri_path_escaped );
880
 	uri_parse_format_dup_ok ( &uri_http_all );
894
 	uri_parse_format_dup_ok ( &uri_http_all );
881
 	uri_parse_format_dup_ok ( &uri_http_escaped );
895
 	uri_parse_format_dup_ok ( &uri_http_escaped );
882
 	uri_parse_ok ( &uri_http_escaped_improper ); /* Parse only */
896
 	uri_parse_ok ( &uri_http_escaped_improper ); /* Parse only */

Loading…
Cancel
Save