X-Git-Url: https://git.m6w6.name/?a=blobdiff_plain;f=src%2Fphp_http_url.c;h=9140c6824e32ad2a7819b20982fd322d4e111187;hb=55d74c2d07edcf6d51fe62bc257c3bde0f7f25d4;hp=1215942bc55ba3dc1ee1eef8c8c4e9e339a31cf8;hpb=3724cd76a28be1d6049b5537232e97ac567ae1f5;p=m6w6%2Fext-http diff --git a/src/php_http_url.c b/src/php_http_url.c index 1215942..9140c68 100644 --- a/src/php_http_url.c +++ b/src/php_http_url.c @@ -263,6 +263,7 @@ php_http_url_t *php_http_url_mod(const php_http_url_t *old_url, const php_http_u /* replace directory references if path is not a single slash */ if ((flags & PHP_HTTP_URL_SANITIZE_PATH) + && url(buf)->path && url(buf)->path[0] && url(buf)->path[1]) { char *ptr, *end = url(buf)->path + strlen(url(buf)->path) + 1; @@ -1094,9 +1095,7 @@ static ZEND_RESULT_CODE parse_hostinfo(struct parse_state *state, const char *pt state->buffer[state->offset++] = *ptr; break; - case '!': case '$': case '&': case '\'': case '(': case ')': case '*': - case '+': case ',': case ';': case '=': /* sub-delims */ - case '-': case '.': case '_': case '~': /* unreserved */ + case '.': if (port || !label) { /* sort of a compromise, just ensure we don't end up * with a dot at the beginning or two consecutive dots @@ -1111,6 +1110,21 @@ static ZEND_RESULT_CODE parse_hostinfo(struct parse_state *state, const char *pt label = NULL; break; + case '-': + if (!label) { + /* sort of a compromise, just ensure we don't end up + * with a hyphen at the beginning + */ + php_error_docref(NULL TSRMLS_CC, E_WARNING, + "Failed to parse %s; unexpected '%c' at pos %u in '%s'", + port ? "port" : "host", + (unsigned char) *ptr, (unsigned) (ptr - tmp), tmp); + return FAILURE; + } + /* no break */ + case '_': case '~': /* unreserved */ + case '!': case '$': case '&': case '\'': case '(': case ')': case '*': + case '+': case ',': case ';': case '=': /* sub-delims */ case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G': case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N': case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':