winhttp: Validate the port number in WinHttpCrackUrl.
Signed-off-by: Hans Leidekker <hans@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
parent
1d07f89879
commit
17b4abf47f
|
@ -69,6 +69,9 @@ static const WCHAR url12[] =
|
|||
static const WCHAR url13[] =
|
||||
{'h','t','t','p',':','/','/','w','i','n','e','h','q','.','o',' ','g','/','p','a','t','h',' ','w','i','t','h',' ','s','p','a','c','e','s',0};
|
||||
static const WCHAR url14[] = {'h','t','t','p',':','/','/','w','w','w','.','w','i','n','e','h','q','.','o','r','g','/','t','e','s','t',0};
|
||||
static const WCHAR url15[] = {'h','t','t','p',':','/','/','w','i','n','e','h','q','.','o','r','g',':','6','5','5','3','6',0};
|
||||
static const WCHAR url16[] = {'h','t','t','p',':','/','/','w','i','n','e','h','q','.','o','r','g',':','0',0};
|
||||
static const WCHAR url17[] = {'h','t','t','p',':','/','/','w','i','n','e','h','q','.','o','r','g',':',0};
|
||||
|
||||
static const WCHAR url_k1[] =
|
||||
{'h','t','t','p',':','/','/','u','s','e','r','n','a','m','e',':','p','a','s','s','w','o','r','d',
|
||||
|
@ -718,6 +721,25 @@ static void WinHttpCrackUrl_test( void )
|
|||
ok( uc.dwUrlPathLength == 0, "unexpected length %u\n", uc.dwUrlPathLength );
|
||||
ok( !uc.lpszExtraInfo, "unexpected extra info %s\n", wine_dbgstr_w(uc.lpszExtraInfo) );
|
||||
ok( uc.dwExtraInfoLength == 0, "unexpected length %u\n", uc.dwExtraInfoLength );
|
||||
|
||||
reset_url_components( &uc );
|
||||
SetLastError( 0xdeadbeef );
|
||||
ret = WinHttpCrackUrl( url15, 0, 0, &uc );
|
||||
error = GetLastError();
|
||||
ok( !ret, "WinHttpCrackUrl succeeded\n" );
|
||||
ok( error == ERROR_WINHTTP_INVALID_URL, "got %u\n", error );
|
||||
|
||||
reset_url_components( &uc );
|
||||
uc.nPort = 1;
|
||||
ret = WinHttpCrackUrl( url16, 0, 0, &uc );
|
||||
ok( ret, "got %u\n", GetLastError() );
|
||||
ok( !uc.nPort, "got %u\n", uc.nPort );
|
||||
|
||||
reset_url_components( &uc );
|
||||
uc.nPort = 1;
|
||||
ret = WinHttpCrackUrl( url17, 0, 0, &uc );
|
||||
ok( ret, "got %u\n", GetLastError() );
|
||||
todo_wine ok( uc.nPort == 80, "got %u\n", uc.nPort );
|
||||
}
|
||||
|
||||
START_TEST(url)
|
||||
|
|
|
@ -163,6 +163,19 @@ static WCHAR *escape_url( LPCWSTR url, DWORD *len )
|
|||
return ret;
|
||||
}
|
||||
|
||||
static DWORD parse_port( const WCHAR *str, DWORD len, INTERNET_PORT *ret )
|
||||
{
|
||||
const WCHAR *p = str;
|
||||
DWORD port = 0;
|
||||
while (len && isdigitW( *p ))
|
||||
{
|
||||
if ((port = port * 10 + *p - '0') > 65535) return ERROR_WINHTTP_INVALID_URL;
|
||||
p++; len--;
|
||||
}
|
||||
*ret = port;
|
||||
return ERROR_SUCCESS;
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
* WinHttpCrackUrl (winhttp.@)
|
||||
*/
|
||||
|
@ -172,7 +185,7 @@ BOOL WINAPI WinHttpCrackUrl( LPCWSTR url, DWORD len, DWORD flags, LPURL_COMPONEN
|
|||
DWORD err, scheme_len, user_len, passwd_len, host_len, path_len, extra_len;
|
||||
INTERNET_SCHEME scheme = 0;
|
||||
|
||||
TRACE("%s, %d, %x, %p\n", debugstr_w(url), len, flags, uc);
|
||||
TRACE("%s, %d, %x, %p\n", debugstr_wn(url, len), len, flags, uc);
|
||||
|
||||
if (!url || !uc || uc->dwStructSize != sizeof(URL_COMPONENTS))
|
||||
{
|
||||
|
@ -258,7 +271,7 @@ BOOL WINAPI WinHttpCrackUrl( LPCWSTR url, DWORD len, DWORD flags, LPURL_COMPONEN
|
|||
{
|
||||
if ((err = set_component( &uc->lpszHostName, &host_len, p, r - p, flags ))) goto exit;
|
||||
r++;
|
||||
uc->nPort = atoiW( r );
|
||||
if ((err = parse_port( r, q - r, &uc->nPort ))) goto exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -284,7 +297,7 @@ BOOL WINAPI WinHttpCrackUrl( LPCWSTR url, DWORD len, DWORD flags, LPURL_COMPONEN
|
|||
{
|
||||
if ((err = set_component( &uc->lpszHostName, &host_len, p, r - p, flags ))) goto exit;
|
||||
r++;
|
||||
uc->nPort = atoiW( r );
|
||||
if ((err = parse_port( r, len - (r - url), &uc->nPort ))) goto exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue