[Bug debuginfod/28034] client-side %-escape url characters

Frank Ch. Eigler fche@redhat.com
Thu Aug 26 21:02:13 GMT 2021


Hi -

>            /* PR28034 escape characters in completed url to %hh format. */
> -          char *escaped_string;
> -          escaped_string = curl_easy_escape(data[i].handle, filename, 0);
> -          if (!escaped_string)
> +          char escaped_string[PATH_MAX] = {'\0'};
> +          char *loc = (char *) filename;
> +          char *loc2;
> +          char *tmp;
> +          for(size_t j = 0; j < strlen(filename); ++j)
>              {
> -              rc = -ENOMEM;
> -              goto out2;
> +              loc2 = strstr(loc, "/");
> +              // If the first character is a '/'
> [...]

Holy cow that's a lot of work to do it this way.
A couple of alternatives:

- ditch curl_easy_escape :-( and use a
  malloc(strlen(x)*3)
  byte-by-byte copy from source string into destination
    if not [a-zA-Z0-9/.~] then %-escape

or:
- keep curl_easy_escape and postprocess
  byte-by-byte examine the result of curl_easy_escape
  - if seeing a "%2F", replace the % with a / and memmove the
    rest of the string 2 bytes ahead

It shouldn't need strtok or strstr or a lot of logic or stuff like
that really.

- FChE



More information about the Elfutils-devel mailing list