1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

src: avoid dereference without existence check

Browse Source 
Currently the URL API is only used from the JS binding, which always
initializes `base` regardless of `has_base`. Therefore, there is no
actual security risk right now, but would be had we made other C++ parts
of Node.js use this API.

An earlier version of this patch was created by Bradley Farias
<bradley.meck@gmail.com>.

PR-URL: https://github.com/nodejs/node/pull/14591
Refs: https://github.com/nodejs/node/pull/14369#discussion_r128767221
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This commit is contained in:
Timothy Gu 2017-08-05 16:57:10 +08:00
parent ff65a2e051
commit e96ca62480
No known key found for this signature in database
GPG Key ID: 7FE6B095B582B0D4
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/node_url.cc
View File

@ -1283,7 +1283,7 @@ void URL::Parse(const char* input,
}
break;
case kNoScheme:
cannot_be_base = base->flags & URL_FLAGS_CANNOT_BE_BASE;
cannot_be_base = has_base && (base->flags & URL_FLAGS_CANNOT_BE_BASE);
if (!has_base || (cannot_be_base && ch != '#')) {
url->flags |= URL_FLAGS_FAILED;
return;

14
test/cctest/test_url.cc
View File

@ -4,6 +4,7 @@
#include "gtest/gtest.h"
using node::url::URL;
using node::url::URL_FLAGS_FAILED;
class URLTest : public ::testing::Test {
protected:
@ -20,6 +21,7 @@ class URLTest : public ::testing::Test {
TEST_F(URLTest, Simple) {
URL simple("https://example.org:81/a/b/c?query#fragment");
EXPECT_FALSE(simple.flags() & URL_FLAGS_FAILED);
EXPECT_EQ(simple.protocol(), "https:");
EXPECT_EQ(simple.host(), "example.org");
EXPECT_EQ(simple.port(), 81);
@ -32,6 +34,7 @@ TEST_F(URLTest, Simple2) {
const char* input = "https://example.org:81/a/b/c?query#fragment";
URL simple(input, strlen(input));
EXPECT_FALSE(simple.flags() & URL_FLAGS_FAILED);
EXPECT_EQ(simple.protocol(), "https:");
EXPECT_EQ(simple.host(), "example.org");
EXPECT_EQ(simple.port(), 81);
@ -40,10 +43,17 @@ TEST_F(URLTest, Simple2) {
EXPECT_EQ(simple.fragment(), "fragment");
}
TEST_F(URLTest, NoBase1) {
URL error("123noscheme");
EXPECT_TRUE(error.flags() & URL_FLAGS_FAILED);
}
TEST_F(URLTest, Base1) {
URL base("http://example.org/foo/bar");
URL simple("../baz", &base);
ASSERT_FALSE(base.flags() & URL_FLAGS_FAILED);
URL simple("../baz", &base);
EXPECT_FALSE(simple.flags() & URL_FLAGS_FAILED);
EXPECT_EQ(simple.protocol(), "http:");
EXPECT_EQ(simple.host(), "example.org");
EXPECT_EQ(simple.path(), "/baz");
@ -52,6 +62,7 @@ TEST_F(URLTest, Base1) {
TEST_F(URLTest, Base2) {
URL simple("../baz", "http://example.org/foo/bar");
EXPECT_FALSE(simple.flags() & URL_FLAGS_FAILED);
EXPECT_EQ(simple.protocol(), "http:");
EXPECT_EQ(simple.host(), "example.org");
EXPECT_EQ(simple.path(), "/baz");
@ -63,6 +74,7 @@ TEST_F(URLTest, Base3) {
URL simple(input, strlen(input), base, strlen(base));
EXPECT_FALSE(simple.flags() & URL_FLAGS_FAILED);
EXPECT_EQ(simple.protocol(), "http:");
EXPECT_EQ(simple.host(), "example.org");
EXPECT_EQ(simple.path(), "/baz");