From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by sourceware.org (Postfix) with ESMTP id C86403858C60 for ; Fri, 27 Aug 2021 14:44:25 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C86403858C60 Received: from mail-io1-f71.google.com (mail-io1-f71.google.com [209.85.166.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-433-gciY4OevPK6YrPdATcl-eA-1; Fri, 27 Aug 2021 10:44:23 -0400 X-MC-Unique: gciY4OevPK6YrPdATcl-eA-1 Received: by mail-io1-f71.google.com with SMTP id i26-20020a5e851a000000b005bb55343e9bso4133928ioj.7 for ; Fri, 27 Aug 2021 07:44:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=e0k/D28WYrxEqfyHJRiQHmaeOFhpvazFK2u7CgyEzaI=; b=bH1f8P22o8zU4/KRwy/RYeEc60c+9GOLskj1xraw2ZqztGwJ3Tzkx0upL0wc3ctjDB ZkmdRSNDhTKYgI8ll7GMW14yi2lFvWXDaaVWr0kNiJGrXTBFdHEhW0PfvrKz11IqufnC CtnRmBlMvTSBFkQNad65YTVvwpwOHaYiJepUsfiKnpwNqDzyWNFxzRa416NTJYC9m0bJ M/kl5ckBMUQfFU6HPPSdPXcp/YjwxpZdLrMljOK53vneVWpVmW/WaHfdLhWNU8pZxWGI r3a+ioehYda9QpRpQric8WWG0UPSENLhjl27WlzNWre1KmC0i1LCxVLQut5SPD+Xexl3 9QoQ== X-Gm-Message-State: AOAM532nDuBMP7gqwqJZDX8McDqj9+ou4kJjC6709v+Sq/+Wt4azLb0E Yuc0gqeXyoTFKcC3+zPodUnEtPu4P0pLi86eJ5n/GZITx5JzrTpoGAFMuyXMSqJaFv7SpwaasgB dp3MvLVhSZQShuVQZWCP7pNEKRWc91sEGt3KPdO4y9w== X-Received: by 2002:a92:7a11:: with SMTP id v17mr6897845ilc.217.1630075462880; Fri, 27 Aug 2021 07:44:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwBnbDyABpRI5a3lxg1lXuPDbQJOPKCk29bTm4NHUcUGWn2E1ToqAoHFGacrz85dTKv27wOSD9B/Gm7fNDnhZg= X-Received: by 2002:a92:7a11:: with SMTP id v17mr6897829ilc.217.1630075462520; Fri, 27 Aug 2021 07:44:22 -0700 (PDT) MIME-Version: 1.0 References: <20210826210213.GM416@redhat.com> In-Reply-To: <20210826210213.GM416@redhat.com> From: Noah Sanci Date: Fri, 27 Aug 2021 10:44:11 -0400 Message-ID: Subject: Re: [Bug debuginfod/28034] client-side %-escape url characters To: "Frank Ch. Eigler" Cc: elfutils-devel@sourceware.org X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: multipart/mixed; boundary="000000000000e7181105ca8b844d" X-Spam-Status: No, score=-13.7 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: elfutils-devel@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Elfutils-devel mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Aug 2021 14:44:36 -0000 --000000000000e7181105ca8b844d Content-Type: text/plain; charset="UTF-8" Hello, Here is an updated patch, using memmove. Much smaller. Thanks for the suggestions, Noah Sanci On Thu, Aug 26, 2021 at 5:02 PM Frank Ch. Eigler wrote: > > Hi - > > > /* PR28034 escape characters in completed url to %hh format. */ > > - char *escaped_string; > > - escaped_string = curl_easy_escape(data[i].handle, filename, 0); > > - if (!escaped_string) > > + char escaped_string[PATH_MAX] = {'\0'}; > > + char *loc = (char *) filename; > > + char *loc2; > > + char *tmp; > > + for(size_t j = 0; j < strlen(filename); ++j) > > { > > - rc = -ENOMEM; > > - goto out2; > > + loc2 = strstr(loc, "/"); > > + // If the first character is a '/' > > [...] > > Holy cow that's a lot of work to do it this way. > A couple of alternatives: > > - ditch curl_easy_escape :-( and use a > malloc(strlen(x)*3) > byte-by-byte copy from source string into destination > if not [a-zA-Z0-9/.~] then %-escape > > or: > - keep curl_easy_escape and postprocess > byte-by-byte examine the result of curl_easy_escape > - if seeing a "%2F", replace the % with a / and memmove the > rest of the string 2 bytes ahead > > It shouldn't need strtok or strstr or a lot of logic or stuff like > that really. > > - FChE > --000000000000e7181105ca8b844d Content-Type: text/x-patch; charset="US-ASCII"; name="0001-debuginfod-PR28034-client-side-escape-url-characters.patch" Content-Disposition: attachment; filename="0001-debuginfod-PR28034-client-side-escape-url-characters.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_ksugtm4k0 RnJvbSBkZTdlNTA5NTVkYmE3MTFhZWVlMzMxOTZiZjJiZmVhM2M0NzY5NmY3IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBOb2FoIFNhbmNpIDxuc2FuY2lAcmVkaGF0LmNvbT4KRGF0ZTog RnJpLCAxNiBKdWwgMjAyMSAxNToxNjoyMCAtMDQwMApTdWJqZWN0OiBbUEFUQ0hdIGRlYnVnaW5m b2Q6IFBSMjgwMzQgLSBjbGllbnQtc2lkZSAlLWVzY2FwZSB1cmwgY2hhcmFjdGVycwoKV2hlbiBy ZXF1ZXN0aW5nIHNvbWUgc291cmNlIGZpbGVzLCBzb21lIFVSTC1pbmNvbnZlbmllbnQgY2hhcnMK c29tZXRpbWVzIHBvcCB1cC4gIEV4YW1wbGUgZnJvbSBmMzMgbGlic3RkYysrOgovYnVpbGRpZC80 NGQ4NDg1Y2I3NTUxMmMyY2E1YzhmNzBhZmJkNDc1Y2FlMzBhZjRmL3NvdXJjZS91c3Ivc3JjL2Rl YnVnLwpnY2MtMTAuMy4xLTEuZmMzMy54ODZfNjQvb2JqLXg4Nl82NC1yZWRoYXQtbGludXgveDg2 XzY0LXJlZGhhdC1saW51eC8KbGlic3RkYysrLXYzL3NyYy9jKysxMS8uLi8uLi8uLi8uLi8uLi9s aWJzdGRjKystdjMvc3JjL2MrKzExLwpjb25kaXRpb25fdmFyaWFibGUuY2MKQXMgdGhpcyBVUkwg aXMgcGFzc2VkIGludG8gZGVidWdpbmZvZCdzIGhhbmRsZXJfY2IsIGl0IGFwcGVhcnMgdGhhdCB0 aGUKKyBzaWducyBhcmUgaGVscGZ1bGx5IHVuZXNjYXBlZCB0byBzcGFjZXMgYnkgbGlibWljcm9o dHRwZCwgd2hpY2gKJ2NvdXJzZSBicmVha3MgZXZlcnl0aGluZy4KSW4gb3JkZXIgdG8gZW5zdXJl IHRoZSBzZXJ2ZXIgcHJvcGVybHkgcGFyc2VzIHVybHMgc3VjaCBhcyB0aGlzIG9uZSwKJS1lc2Nh cGUgY2hhcmFjdGVycyBvbiB0aGUgY2xpZW50IHNpZGUgc28gdGhhdCB0aGUgY29ycmVjdCB1cmwK aXMgcHJlc2VydmVkIGFuZCBwcm9wZXJseSBwcm9jZXNzZWQgb24gdGhlIHNlcnZlciBzaWRlLgoK aHR0cHM6Ly9zb3VyY2V3YXJlLm9yZy9idWd6aWxsYS9zaG93X2J1Zy5jZ2k/aWQ9MjgwMzQKClNp Z25lZC1vZmYtYnk6IE5vYWggU2FuY2kgPG5zYW5jaUByZWRoYXQuY29tPgotLS0KIGRlYnVnaW5m b2QvZGVidWdpbmZvZC1jbGllbnQuYyB8IDE0ICsrKysrKysrKysrKystCiAxIGZpbGUgY2hhbmdl ZCwgMTMgaW5zZXJ0aW9ucygrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL2RlYnVnaW5m b2QvZGVidWdpbmZvZC1jbGllbnQuYyBiL2RlYnVnaW5mb2QvZGVidWdpbmZvZC1jbGllbnQuYwpp bmRleCA3ZDRiMjIwZi4uZWI0OWI1ODMgMTAwNjQ0Ci0tLSBhL2RlYnVnaW5mb2QvZGVidWdpbmZv ZC1jbGllbnQuYworKysgYi9kZWJ1Z2luZm9kL2RlYnVnaW5mb2QtY2xpZW50LmMKQEAgLTkwNSwx MyArOTA1LDI1IEBAIGRlYnVnaW5mb2RfcXVlcnlfc2VydmVyIChkZWJ1Z2luZm9kX2NsaWVudCAq YywKICAgICAgICAgewogICAgICAgICAgIC8qIFBSMjgwMzQgZXNjYXBlIGNoYXJhY3RlcnMgaW4g Y29tcGxldGVkIHVybCB0byAlaGggZm9ybWF0LiAqLwogICAgICAgICAgIGNoYXIgKmVzY2FwZWRf c3RyaW5nOworICAgICAgICAgIGNoYXIgKmxvYzsKICAgICAgICAgICBlc2NhcGVkX3N0cmluZyA9 IGN1cmxfZWFzeV9lc2NhcGUoZGF0YVtpXS5oYW5kbGUsIGZpbGVuYW1lLCAwKTsKICAgICAgICAg ICBpZiAoIWVzY2FwZWRfc3RyaW5nKQogICAgICAgICAgICAgewogICAgICAgICAgICAgICByYyA9 IC1FTk9NRU07CiAgICAgICAgICAgICAgIGdvdG8gb3V0MjsKICAgICAgICAgICAgIH0KLSAgICAg ICAgICBzbnByaW50ZihkYXRhW2ldLnVybCwgUEFUSF9NQVgsICIlcy8lcy8lcy8lcyIsIHNlcnZl cl91cmwsCisKKyAgICAgICAgICBsb2MgPSBzdHJzdHIoZXNjYXBlZF9zdHJpbmcsICIlMkYiKTsK KyAgICAgICAgICBpZiAobG9jICE9IE5VTEwpCisgICAgICAgICAgICBkbworICAgICAgICAgICAg ICB7CisgICAgICAgICAgICAgICAgbG9jWzBdID0gJy8nOworICAgICAgICAgICAgICAgIC8vIHB1 bGwgdGhlIHN0cmluZyBiYWNrIGFmdGVyIHJlcGxhY2VtZW50CisgICAgICAgICAgICAgICAgbWVt bW92ZShsb2MrMSxsb2MrMyxzdHJsZW4obG9jKzMpKTsKKyAgICAgICAgICAgICAgICBlc2NhcGVk X3N0cmluZ1tzdHJsZW4oZXNjYXBlZF9zdHJpbmcpIC0gMV0gPSAnXDAnOworICAgICAgICAgICAg ICAgIGVzY2FwZWRfc3RyaW5nW3N0cmxlbihlc2NhcGVkX3N0cmluZykgLSAxXSA9ICdcMCc7Cisg ICAgICAgICAgICAgIH0gd2hpbGUoIChsb2MgPSBzdHJzdHIobG9jLCAiJTJGIikpICk7CisgICAg ICAgICAgc25wcmludGYoZGF0YVtpXS51cmwsIFBBVEhfTUFYLCAiJXMvJXMvJXMlcyIsIHNlcnZl cl91cmwsCiAgICAgICAgICAgICAgICAgICAgYnVpbGRfaWRfYnl0ZXMsIHR5cGUsIGVzY2FwZWRf c3RyaW5nKTsKICAgICAgICAgICBjdXJsX2ZyZWUoZXNjYXBlZF9zdHJpbmcpOwogICAgICAgICB9 Ci0tIAoyLjMxLjEKCg== --000000000000e7181105ca8b844d--