From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTP id 81DBC3858D3C for ; Thu, 26 Aug 2021 21:02:17 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 81DBC3858D3C Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-552-q4Y5MPS2PKydJ4OeyhoppQ-1; Thu, 26 Aug 2021 17:02:15 -0400 X-MC-Unique: q4Y5MPS2PKydJ4OeyhoppQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BE0EB107B7C5 for ; Thu, 26 Aug 2021 21:02:14 +0000 (UTC) Received: from redhat.com (ovpn-112-63.phx2.redhat.com [10.3.112.63]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A24A35C1BB; Thu, 26 Aug 2021 21:02:14 +0000 (UTC) Received: from fche by redhat.com with local (Exim 4.94.2) (envelope-from ) id 1mJMVp-0005v9-Af; Thu, 26 Aug 2021 17:02:13 -0400 Date: Thu, 26 Aug 2021 17:02:13 -0400 From: "Frank Ch. Eigler" To: Noah Sanci Cc: elfutils-devel@sourceware.org Subject: Re: [Bug debuginfod/28034] client-side %-escape url characters Message-ID: <20210826210213.GM416@redhat.com> References: MIME-Version: 1.0 In-Reply-To: User-Agent: Mutt/1.12.0 (2019-05-25) X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: elfutils-devel@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Elfutils-devel mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Aug 2021 21:02:18 -0000 Hi - > /* PR28034 escape characters in completed url to %hh format. */ > - char *escaped_string; > - escaped_string = curl_easy_escape(data[i].handle, filename, 0); > - if (!escaped_string) > + char escaped_string[PATH_MAX] = {'\0'}; > + char *loc = (char *) filename; > + char *loc2; > + char *tmp; > + for(size_t j = 0; j < strlen(filename); ++j) > { > - rc = -ENOMEM; > - goto out2; > + loc2 = strstr(loc, "/"); > + // If the first character is a '/' > [...] Holy cow that's a lot of work to do it this way. A couple of alternatives: - ditch curl_easy_escape :-( and use a malloc(strlen(x)*3) byte-by-byte copy from source string into destination if not [a-zA-Z0-9/.~] then %-escape or: - keep curl_easy_escape and postprocess byte-by-byte examine the result of curl_easy_escape - if seeing a "%2F", replace the % with a / and memmove the rest of the string 2 bytes ahead It shouldn't need strtok or strstr or a lot of logic or stuff like that really. - FChE