File SQUID-2020_11.patch of Package squid

Overview Repositories Revisions Requests Users Attributes Meta

File SQUID-2020_11.patch of Package squid

commit 50e0ba1b03ec39720e981a641bb0d4e73aaa7b94
Author: Amos Jeffries <yadij@users.noreply.github.com>
Date:   2020-09-04 17:38:30 +1200

Merge pull request from GHSA-jvf6-h9gj-pmj6
    
    * Add slash prefix to path-rootless or path-noscheme URLs
    
    * Update src/anyp/Uri.cc
    
    Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>
    
    * restore file trailer GH auto-removes
    
    * Remove redundant path-empty check
    
    * Removed stale comment left behind by b2ab59a
    
    Many things imply a leading `/` in a URI. Their enumeration is likely to
    (and did) become stale, misleading the reader.
    
    * fixup: Remind that the `src` iterator may be at its end
    
    We are dereferencing `src` without comparing it to `\0`.
    To many readers that (incorrectly) implies that we are not done iterating yet.
    
    Also fixed branch-added comment indentation.
    
    Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>

Index: squid-3.5.21/src/url.cc
===================================================================
--- squid-3.5.21.orig/src/url.cc
+++ squid-3.5.21/src/url.cc
@@ -355,8 +355,9 @@ urlParse(const HttpRequestMethod& method
             return NULL;
         *dst = '\0';
 
-        // bug 3074: received 'path' starting with '?', '#', or '\0' implies '/'
-        if (*src == '?' || *src == '#' || *src == '\0') {
+        // We are looking at path-abempty.
+        if (*src != '/') {
+            // path-empty, including the end of the `src` c-string cases
             urlpath[0] = '/';
             dst = &urlpath[1];
         } else {
@@ -370,11 +371,6 @@ urlParse(const HttpRequestMethod& method
         /* We -could- be at the end of the buffer here */
         if (i > l)
             return NULL;
-        /* If the URL path is empty we set it to be "/" */
-        if (dst == urlpath) {
-            *dst = '/';
-            ++dst;
-        }
         *dst = '\0';
 
 		// port = scheme.defaultPort(); // may be reset later

Places

File SQUID-2020_11.patch of Package squid

Places