diff options
author | Michael Brown | 2016-01-26 17:16:13 +0100 |
---|---|---|
committer | Michael Brown | 2016-01-26 17:16:13 +0100 |
commit | e55ec845e6ed889a43c14c72ddb9183e0b87c60b (patch) | |
tree | a86a7705f40d57105e2e6bfdc2643b20b7364b8f /src/tests | |
parent | [tftp] Mangle initial slash on TFTP URIs (diff) | |
download | ipxe-e55ec845e6ed889a43c14c72ddb9183e0b87c60b.tar.gz ipxe-e55ec845e6ed889a43c14c72ddb9183e0b87c60b.tar.xz ipxe-e55ec845e6ed889a43c14c72ddb9183e0b87c60b.zip |
[uri] Apply URI decoding for all parsed URIs
The various early-exit paths in parse_uri() accidentally bypass the
URI field decoding. The result is that opaque or relative URIs do not
undergo URI field decoding, resulting in double-encoding when the URIs
are subsequently used. For example:
#!ipxe
set mac ${macstring}
imgfetch /boot/by-mac/${mac:uristring}
would result in an HTTP GET such as
GET /boot/by-mac/00%253A0c%253A29%253Ac5%253A39%253Aa1 HTTP/1.1
rather than the expected
GET /boot/by-mac/00%3A0c%3A29%3Ac5%3A39%3Aa1 HTTP/1.1
Fix by ensuring that URI decoding is always applied regardless of the
URI format.
Reported-by: Andrew Widdersheim <awiddersheim@inetu.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/uri_test.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/tests/uri_test.c b/src/tests/uri_test.c index a068ab33..57f211aa 100644 --- a/src/tests/uri_test.c +++ b/src/tests/uri_test.c @@ -499,6 +499,18 @@ static struct uri_test uri_mailto = { { .scheme = "mailto", .opaque = "ipxe-devel@lists.ipxe.org" } }; +/** Basic path-only URI */ +static struct uri_test uri_path = { + "/var/lib/tftpboot/pxelinux.0", + { .path = "/var/lib/tftpboot/pxelinux.0" }, +}; + +/** Path-only URI with escaped characters */ +static struct uri_test uri_path_escaped = { + "/hello%20world%3F", + { .path = "/hello world?" }, +}; + /** HTTP URI with all the trimmings */ static struct uri_test uri_http_all = { "http://anon:password@example.com:3001/~foo/cgi-bin/foo.pl?a=b&c=d#bit", @@ -877,6 +889,8 @@ static void uri_test_exec ( void ) { uri_parse_format_dup_ok ( &uri_empty ); uri_parse_format_dup_ok ( &uri_boot_ipxe_org ); uri_parse_format_dup_ok ( &uri_mailto ); + uri_parse_format_dup_ok ( &uri_path ); + uri_parse_format_dup_ok ( &uri_path_escaped ); uri_parse_format_dup_ok ( &uri_http_all ); uri_parse_format_dup_ok ( &uri_http_escaped ); uri_parse_ok ( &uri_http_escaped_improper ); /* Parse only */ |