changeset 1305:29b4740d571e

Fixed URL unescaping in the datauri DPI
author Jorge Arellano Cid <jcid@dillo.org>
date Tue, 08 Sep 2009 14:16:54 -0400
parents 55697486ef42
children cccefbad7fd6
files ChangeLog dpi/datauri.c dpi/dpiutil.c dpi/dpiutil.h
diffstat 4 files changed, 45 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Thu Sep 03 03:03:06 2009 +0000
+++ b/ChangeLog	Tue Sep 08 14:16:54 2009 -0400
@@ -20,6 +20,7 @@
  - Bugfix: remove the empty cache entry lingering after connection abort.
  - Switched capi to use dlib's Dlist instead of a_List_* methods.
  - Remove empty cache entries on Stop-button press and new link request!
+ - Fixed URL unescaping in the datauri DPI.
    Patches: Jorge Arellano Cid
 +- Fix segfault from AREA when MAP is missing name attribute.
  - Fix image map coordinates when margin/border/padding present.
--- a/dpi/datauri.c	Thu Sep 03 03:03:06 2009 +0000
+++ b/dpi/datauri.c	Tue Sep 08 14:16:54 2009 -0400
@@ -15,6 +15,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <ctype.h>
+#include <errno.h>
 
 #include "../dpip/dpip.h"
 #include "dpiutil.h"
@@ -35,7 +37,19 @@
  */
 static SockHandler *sh = NULL;
 
+static void b64strip_illegal_chars(unsigned char* str)
+{
+   unsigned char *p, *s = str;
 
+   MSG("len=%d{%s}\n", strlen((char*)str), str);
+
+   for (p = s; (*p = *s); ++s) {
+      if (isalnum(*p) || strchr("+/=", *p))
+         ++p;
+   }
+
+   MSG("len=%d{%s}\n", strlen((char *)str), str);
+}
 
 static int b64decode(unsigned char* str)
 {
@@ -255,7 +269,8 @@
    if (p) {
       ++p;
       if (is_base64) {
-         data = (unsigned char *)dStrdup(p);
+         data = (unsigned char *)Unescape_uri_str(p);
+         b64strip_illegal_chars(data);
          *p_sz = (size_t) b64decode(data);
       } else {
          data = (unsigned char *)a_Url_decode_hex_str(p, p_sz);
--- a/dpi/dpiutil.c	Thu Sep 03 03:03:06 2009 +0000
+++ b/dpi/dpiutil.c	Tue Sep 08 14:16:54 2009 -0400
@@ -57,6 +57,28 @@
    return p;
 }
 
+/*
+ * Unescape %XX sequences in a string.
+ * Return value: a new unescaped string
+ */
+char *Unescape_uri_str(const char *s)
+{
+   char *p, *buf = dStrdup(s);
+
+   if (strchr(s, '%')) {
+      for (p = buf; (*p = *s); ++s, ++p) {
+         if (*p == '%' && isxdigit(s[1]) && isxdigit(s[2])) {
+            *p = (isdigit(s[1]) ? (s[1] - '0') : toupper(s[1]) - 'A' + 10)*16;
+            *p += isdigit(s[2]) ? (s[2] - '0') : toupper(s[2]) - 'A' + 10;
+            s += 2;
+         }
+      }
+   }
+
+   return buf;
+}
+
+
 static const char *unsafe_chars = "&<>\"'";
 static const char *unsafe_rep[] =
   { "&amp;", "&lt;", "&gt;", "&quot;", "&#39;" };
--- a/dpi/dpiutil.h	Thu Sep 03 03:03:06 2009 +0000
+++ b/dpi/dpiutil.h	Tue Sep 08 14:16:54 2009 -0400
@@ -72,6 +72,12 @@
 char *Escape_uri_str(const char *str, const char *p_esc_set);
 
 /*
+ * Unescape %XX sequences in a string.
+ * Return value: a new unescaped string
+ */
+char *Unescape_uri_str(const char *str);
+
+/*
  * Escape unsafe characters as html entities.
  * Return value: New escaped string.
  */