Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
c35a0428
Commit
c35a0428
authored
Jun 29, 2008
by
Hans Leidekker
Committed by
Alexandre Julliard
Jun 30, 2008
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
wininet: Don't assume URL is null-terminated in InternetCrackUrlW.
parent
c3ecb724
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
31 additions
and
12 deletions
+31
-12
internet.c
dlls/wininet/internet.c
+31
-12
No files found.
dlls/wininet/internet.c
View file @
c35a0428
...
...
@@ -1268,10 +1268,10 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
LPCWSTR
lpszcp
=
NULL
;
LPWSTR
lpszUrl_decode
=
NULL
;
DWORD
dwUrlLength
=
dwUrlLength_orig
;
const
WCHAR
lpszSeparators
[
3
]
=
{
';'
,
'?'
,
0
};
const
WCHAR
lpszSlash
[
2
]
=
{
'/'
,
0
};
TRACE
(
"(%s %u %x %p)
\n
"
,
debugstr_w
(
lpszUrl
),
dwUrlLength
,
dwFlags
,
lpUC
);
TRACE
(
"(%s %u %x %p)
\n
"
,
lpszUrl
?
debugstr_wn
(
lpszUrl
,
dwUrlLength
?
dwUrlLength
:
strlenW
(
lpszUrl
))
:
"(null)"
,
dwUrlLength
,
dwFlags
,
lpUC
);
if
(
!
lpszUrl_orig
||
!*
lpszUrl_orig
||
!
lpUC
)
{
...
...
@@ -1282,16 +1282,33 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
if
(
dwFlags
&
ICU_DECODE
)
{
lpszUrl_decode
=
HeapAlloc
(
GetProcessHeap
(),
0
,
dwUrlLength
*
sizeof
(
WCHAR
)
);
if
(
InternetCanonicalizeUrlW
(
lpszUrl_orig
,
lpszUrl_decode
,
&
dwUrlLength
,
dwFlags
))
WCHAR
*
url_tmp
;
DWORD
len
=
dwUrlLength
+
1
;
if
(
!
(
url_tmp
=
HeapAlloc
(
GetProcessHeap
(),
0
,
len
*
sizeof
(
WCHAR
))))
{
INTERNET_SetLastError
(
ERROR_OUTOFMEMORY
);
return
FALSE
;
}
memcpy
(
url_tmp
,
lpszUrl_orig
,
dwUrlLength
*
sizeof
(
WCHAR
));
url_tmp
[
dwUrlLength
]
=
0
;
if
(
!
(
lpszUrl_decode
=
HeapAlloc
(
GetProcessHeap
(),
0
,
len
*
sizeof
(
WCHAR
))))
{
HeapFree
(
GetProcessHeap
(),
0
,
url_tmp
);
INTERNET_SetLastError
(
ERROR_OUTOFMEMORY
);
return
FALSE
;
}
if
(
InternetCanonicalizeUrlW
(
url_tmp
,
lpszUrl_decode
,
&
len
,
ICU_DECODE
|
ICU_NO_ENCODE
))
{
dwUrlLength
=
len
;
lpszUrl
=
lpszUrl_decode
;
}
HeapFree
(
GetProcessHeap
(),
0
,
url_tmp
);
}
lpszap
=
lpszUrl
;
/* Determine if the URI is absolute. */
while
(
*
lpszap
!=
'\0'
)
while
(
lpszap
-
lpszUrl
<
dwUrlLength
)
{
if
(
isalnumW
(
*
lpszap
))
{
...
...
@@ -1315,7 +1332,9 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
lpUC
->
nPort
=
INTERNET_INVALID_PORT_NUMBER
;
/* Parse <params> */
lpszParam
=
strpbrkW
(
lpszap
,
lpszSeparators
);
if
(
!
(
lpszParam
=
memchrW
(
lpszap
,
';'
,
dwUrlLength
-
(
lpszap
-
lpszUrl
))))
lpszParam
=
memchrW
(
lpszap
,
'?'
,
dwUrlLength
-
(
lpszap
-
lpszUrl
));
SetUrlComponentValueW
(
&
lpUC
->
lpszExtraInfo
,
&
lpUC
->
dwExtraInfoLength
,
lpszParam
,
lpszParam
?
dwUrlLength
-
(
lpszParam
-
lpszUrl
)
:
0
);
...
...
@@ -1336,7 +1355,7 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
{
lpszcp
+=
2
;
lpszNetLoc
=
strpbrkW
(
lpszcp
,
lpszSlash
);
lpszNetLoc
=
memchrW
(
lpszcp
,
'/'
,
dwUrlLength
-
(
lpszcp
-
lpszUrl
)
);
if
(
lpszParam
)
{
if
(
lpszNetLoc
)
...
...
@@ -1356,7 +1375,7 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
/* [<user>[<:password>]@]<host>[:<port>] */
/* First find the user and password if they exist */
lpszHost
=
strchrW
(
lpszcp
,
'@'
);
lpszHost
=
memchrW
(
lpszcp
,
'@'
,
dwUrlLength
-
(
lpszcp
-
lpszUrl
)
);
if
(
lpszHost
==
NULL
||
lpszHost
>
lpszNetLoc
)
{
/* username and password not specified. */
...
...
@@ -1465,7 +1484,7 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
* <protocol>:[//<net_loc>][/path][;<params>][?<query>][#<fragment>]
* ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
*/
if
(
lpszcp
!=
0
&&
*
lpszcp
!=
'\0'
&&
(
!
lpszParam
||
lpszcp
<
lpszParam
))
if
(
lpszcp
!=
0
&&
lpszcp
-
lpszUrl
<
dwUrlLength
&&
(
!
lpszParam
||
lpszcp
<
lpszParam
))
{
INT
len
;
...
...
@@ -1479,7 +1498,7 @@ BOOL WINAPI InternetCrackUrlW(LPCWSTR lpszUrl_orig, DWORD dwUrlLength_orig, DWOR
/* Leave the parameter list in lpszUrlPath. Strip off any trailing
* newlines if necessary.
*/
LPWSTR
lpsznewline
=
strchrW
(
lpszcp
,
'\n'
);
LPWSTR
lpsznewline
=
memchrW
(
lpszcp
,
'\n'
,
dwUrlLength
-
(
lpszcp
-
lpszUrl
)
);
if
(
lpsznewline
!=
NULL
)
len
=
lpsznewline
-
lpszcp
;
else
...
...
@@ -1592,7 +1611,7 @@ BOOL WINAPI InternetCanonicalizeUrlW(LPCWSTR lpszUrl, LPWSTR lpszBuffer,
DWORD
dwURLFlags
=
URL_WININET_COMPATIBILITY
|
URL_ESCAPE_UNSAFE
;
TRACE
(
"(%s, %p, %p, 0x%08x) bufferlength: %d
\n
"
,
debugstr_w
(
lpszUrl
),
lpszBuffer
,
lpdwBufferLength
,
lpdwBufferLength
?
*
lpdwBufferLength
:
-
1
,
dwFlags
);
lpdwBufferLength
,
dwFlags
,
lpdwBufferLength
?
*
lpdwBufferLength
:
-
1
);
if
(
dwFlags
&
ICU_DECODE
)
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment