[uri] Apply URI decoding for all parsed URIs
The various early-exit paths in parse_uri() accidentally bypass the
URI field decoding.  The result is that opaque or relative URIs do not
undergo URI field decoding, resulting in double-encoding when the URIs
are subsequently used.  For example:

  #!ipxe
  set mac ${macstring}
  imgfetch /boot/by-mac/${mac:uristring}

would result in an HTTP GET such as

  GET /boot/by-mac/00%253A0c%253A29%253Ac5%253A39%253Aa1 HTTP/1.1

rather than the expected

  GET /boot/by-mac/00%3A0c%3A29%3Ac5%3A39%3Aa1 HTTP/1.1

Fix by ensuring that URI decoding is always applied regardless of the
URI format.

Reported-by: Andrew Widdersheim <awiddersheim@inetu.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
mcb30 committed Jan 26, 2016
1 parent f0e9e55 commit e55ec84
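
The double-encoding described in the commit message can be reproduced with a small stand-alone model. This is an added example, not iPXE code: `pct_decode`, `request_path` and the `fixed` flag are hypothetical names, and the sample URI is constructed from the commit message's example.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Toy model, hypothetical names, not iPXE code. Percent-decode s in place. */
static void pct_decode(char *s) {
    char *out = s;
    while (*s) {
        if (s[0] == '%' && isxdigit((unsigned char)s[1]) &&
            isxdigit((unsigned char)s[2])) {
            char hex[3] = { s[1], s[2], 0 };
            *out++ = (char)strtoul(hex, NULL, 16);
            s += 3;
        } else {
            *out++ = *s++;
        }
    }
    *out = 0;
}

/* Parse a URI into one stored field, then format the request path from it
 * by percent-encoding everything except unreserved characters and '/'.
 * fixed == 0: the scheme-less early exit jumps past the decode step.
 * fixed == 1: the decode step runs on every exit path. */
static const char *request_path(const char *uri, int fixed) {
    static char out[256];
    char field[64];
    size_t used = 0;
    snprintf(field, sizeof(field), "%s", uri);
    if (!fixed && strstr(uri, "://") == NULL)
        goto done;                 /* early exit for scheme-less URIs */
    pct_decode(field);
done:
    for (const char *p = field; *p && used + 4 <= sizeof(out); p++) {
        unsigned char c = (unsigned char)*p;
        if (isalnum(c) || strchr("-._~/", c))
            out[used++] = (char)c;           /* copied unchanged */
        else
            used += (size_t)snprintf(out + used, 4, "%%%02X", (unsigned)c);
    }
    out[used] = 0;
    return out;
}

int main(void) {
    /* Constructed input: an already-encoded relative path. */
    const char *uri = "/boot/by-mac/00%3A0c%3A29%3Ac5%3A39%3Aa1";
    printf("before: GET %s\n", request_path(uri, 0));
    printf("after:  GET %s\n", request_path(uri, 1));
}
```

With `fixed` set to 0 the stored field still holds `%3A`, so the formatter encodes the `%` itself and emits `%253A`; with `fixed` set to 1 the field holds `:` and is encoded once.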
Showing 2 changed files with 15 additions and 1 deletion.
2 changes: 1 addition & 1 deletion src/core/uri.c
Expand Up @@ -419,11 +419,11 @@ struct uri * parse_uri ( const char *uri_string ) {
uri->port = tmp;
}

done:
/* Decode fields in-place */
for ( field = 0 ; field < URI_FIELDS ; field++ )
uri_decode_inplace ( uri, field );

done:
DBGC ( uri, "URI parsed \"%s\" to", uri_string );
uri_dump ( uri );
DBGC ( uri, "\n" );
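Review bot: With the `done:` label placed above the decode loop, every early-exit path in parse_uri() now calls uri_decode_inplace() for all URI_FIELDS, including fields that an opaque or path-only URI never sets. Please confirm that uri_decode_inplace() does nothing for an unset field, and consider extending the "Decode fields in-place" comment to say that the early-exit paths depend on reaching this loop, so that the label is not moved back below it in a later cleanup.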
14 changes: 14 additions & 0 deletions src/tests/uri_test.c
Expand Up @@ -499,6 +499,18 @@ static struct uri_test uri_mailto = {
{ .scheme = "mailto", .opaque = "ipxe-devel@lists.ipxe.org" }
};

/** Basic path-only URI */
static struct uri_test uri_path = {
"/var/lib/tftpboot/pxelinux.0",
{ .path = "/var/lib/tftpboot/pxelinux.0" },
};

/** Path-only URI with escaped characters */
static struct uri_test uri_path_escaped = {
"/hello%20world%3F",
{ .path = "/hello world?" },
};

/** HTTP URI with all the trimmings */
static struct uri_test uri_http_all = {
"http://anon:password@example.com:3001/~foo/cgi-bin/foo.pl?a=b&c=d#bit",
Expand Down Expand Up @@ -877,6 +889,8 @@ static void uri_test_exec ( void ) {
uri_parse_format_dup_ok ( &uri_empty );
uri_parse_format_dup_ok ( &uri_boot_ipxe_org );
uri_parse_format_dup_ok ( &uri_mailto );
uri_parse_format_dup_ok ( &uri_path );
uri_parse_format_dup_ok ( &uri_path_escaped );
uri_parse_format_dup_ok ( &uri_http_all );
uri_parse_format_dup_ok ( &uri_http_escaped );
uri_parse_ok ( &uri_http_escaped_improper ); /* Parse only */
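Review bot: The new uri_path and uri_path_escaped cases are registered only with uri_parse_format_dup_ok, whereas the failure in the commit message appears when a relative path containing escapes is fetched. If the test suite has a helper that resolves a relative URI against a base URI, adding an escaped relative path there would cover the reported scenario more directly than the parse/format round trip alone.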