Date: Tue, 18 Nov 1997 01:00:25 +0900 (JST) From: watanabe@komadori.planet.kobe-u.ac.jp To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: bin/5072: /usr/bin/fetch parses a URL incorrectly Message-ID: <199711171600.BAA29855@crayon.planet.kobe-u.ac.jp> Resent-Message-ID: <199711171610.IAA21039@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 5072 >Category: bin >Synopsis: /usr/bin/fetch parses a URL incorrectly >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Nov 17 08:10:01 PST 1997 >Last-Modified: >Originator: Takeshi WATANABE >Organization: Kobe University, Kobe, Japan >Release: FreeBSD 2.2.2-RELEASE i386 >Environment: I found a bug on 2.2.2-RELEASE and 2.2.5-RELEASE. I don't know on other versions. >Description: According to RFC-1738 and RFC-1808, a HTTP URL has the following format. http://<host>:<port>/<path>?<searchpart> The <host> part cannot contain the colon character (":"), but the <path> part can. Therefore, the following URL is valid. http://www.host.name/foo:bar/file.html "www.host.name" is <host>, and "/foo:bar/file.html" is /<path>. :<port> is omitted; which means ":80". However, /usr/bin/fetch cannot accept this URL. prompt> fetch http://www.host.name/foo:bar/file.html fetch: `http://www.host.name/foo:bar/file.html': invalid port in URL: Undefined error: 0 So, /usr/bin/fetch parses ":bar" to :<port>. This parsing is incorrect. This problem is not so critical, because we avoid this bug to use the following format. prompt> fetch http://www.host.name:80/foo:bar/file.html /usr/bin/fetch can accept this URL. However, it is clear that this is a bug of /usr/bin/fetch. >How-To-Repeat: Always when we use /usr/bin/fetch with a HTTP URL that contains the colon character (":") in the path name. >Fix: Apply the following patch. --- /usr/src/usr.bin/fetch/http.c.orig Mon Mar 10 16:12:51 1997 +++ /usr/src/usr.bin/fetch/http.c Tue Nov 18 00:21:52 1997 @@ -152,7 +152,7 @@ strncat(hostname, p, q - p); p = slash; - if (colon && colon + 1 != slash) { + if (q == colon && colon + 1 != slash) { unsigned long ul; char *ep; >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711171600.BAA29855>