[glib-networking/mcatanzaro/proxy-validation] glibproxyresolver: validate proxy URIs
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/mcatanzaro/proxy-validation] glibproxyresolver: validate proxy URIs
- Date: Tue, 28 Jun 2022 20:16:08 +0000 (UTC)
commit b506a9a2e8dc60084e5209b3446678675af9e67d
Author: Michael Catanzaro <mcatanzaro redhat com>
Date: Tue Jun 28 15:14:06 2022 -0500
glibproxyresolver: validate proxy URIs
This adds an extra layer of safety to ensure our GProxyResolver only
ever returns URIs that GLib considers valid. Otherwise, if libproxy
returns something silly like an empty string, nothing prevents us from
passing it along.
proxy/libproxy/glibproxyresolver.c | 9 +++++++++
1 file changed, 9 insertions(+)
---
diff --git a/proxy/libproxy/glibproxyresolver.c b/proxy/libproxy/glibproxyresolver.c
index 3f5a4f05..f31a8ba0 100644
--- a/proxy/libproxy/glibproxyresolver.c
+++ b/proxy/libproxy/glibproxyresolver.c
@@ -92,6 +92,7 @@ copy_proxies (gchar **proxies)
gchar **copy;
int len = 0;
int i, j;
+ GError *error = NULL;
for (i = 0; proxies[i]; i++)
{
@@ -104,6 +105,14 @@ copy_proxies (gchar **proxies)
copy = g_new (gchar *, len + 1);
for (i = j = 0; proxies[i]; i++, j++)
{
+ if (!g_uri_is_valid (proxies[i], G_URI_FLAGS_NONE, &error))
+ {
+ g_warning ("Received invalid URI %s from libproxy: %s", proxies[i], error->message);
+ g_clear_error (&error);
+ j--;
+ continue;
+ }
+
if (!strncmp ("socks://", proxies[i], 8))
{
copy[j++] = g_strdup_printf ("socks5://%s", proxies[i] + 8);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]