aboutsummaryrefslogtreecommitdiffstats
path: root/src/libserver/url.c
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2018-06-05 13:42:36 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2018-06-05 13:42:36 +0100
commit3c530fce0934e296d5f2a8f80f3f8540c13b3a8d (patch)
treef2df0a70643209358ce67f9604a6126e382df6cf /src/libserver/url.c
parentfcc57ae988f053a283bda4e2cac1c0811b6c33ba (diff)
downloadrspamd-3c530fce0934e296d5f2a8f80f3f8540c13b3a8d.tar.gz
rspamd-3c530fce0934e296d5f2a8f80f3f8540c13b3a8d.zip
[Fix] Fix parsing of urls with numeric password
Diffstat (limited to 'src/libserver/url.c')
-rw-r--r--src/libserver/url.c46
1 files changed, 39 insertions, 7 deletions
diff --git a/src/libserver/url.c b/src/libserver/url.c
index 23826d51b..8e4cb2133 100644
--- a/src/libserver/url.c
+++ b/src/libserver/url.c
@@ -1012,13 +1012,45 @@ rspamd_web_parse (struct http_parser_url *u, const gchar *str, gsize len,
break;
case parse_port_password:
if (g_ascii_isdigit (t)) {
- /* XXX: that breaks urls with passwords starting with number */
- st = parse_port;
- c = slash;
- p--;
- SET_U (u, UF_HOST);
- p++;
- c = p;
+ const gchar *tmp = p;
+
+ while (tmp < last) {
+ if (!g_ascii_isdigit (*tmp)) {
+ if (*tmp == '/' || *tmp == '#' || *tmp == '?') {
+ /* Port + something */
+ st = parse_port;
+ c = slash;
+ p--;
+ SET_U (u, UF_HOST);
+ p++;
+ c = p;
+ break;
+ }
+ else {
+ /* Not a port, bad character at the end */
+ break;
+ }
+ }
+ tmp ++;
+ }
+
+ if (tmp == last) {
+ /* Host + port only */
+ st = parse_port;
+ c = slash;
+ p--;
+ SET_U (u, UF_HOST);
+ p++;
+ c = p;
+ }
+
+ if (st != parse_port) {
+ /* Fallback to user:password */
+ p = slash;
+ c = slash;
+ user_seen = TRUE;
+ st = parse_user;
+ }
}
else {
/* Rewind back */