[Bug debuginfod/28034] client-side %-escape url characters

Noah Sanci nsanci@redhat.com
Fri Aug 27 15:30:47 GMT 2021 

Hello,

Next update, removed redundant if statement.

-Noah Sanci

On Fri, Aug 27, 2021 at 11:07 AM Noah Sanci <nsanci@redhat.com> wrote:
>
> Hello
>
> Update 2, no longer append nulls unnecessarily.
>
> -Noah Sanci
>
> On Fri, Aug 27, 2021 at 10:44 AM Noah Sanci <nsanci@redhat.com> wrote:
> >
> > Hello,
> >
> > Here is an updated patch, using memmove. Much smaller.
> >
> > Thanks for the suggestions,
> >
> > Noah Sanci
> >
> >
> > On Thu, Aug 26, 2021 at 5:02 PM Frank Ch. Eigler <fche@redhat.com> wrote:
> > >
> > > Hi -
> > >
> > > >            /* PR28034 escape characters in completed url to %hh format. */
> > > > -          char *escaped_string;
> > > > -          escaped_string = curl_easy_escape(data[i].handle, filename, 0);
> > > > -          if (!escaped_string)
> > > > +          char escaped_string[PATH_MAX] = {'\0'};
> > > > +          char *loc = (char *) filename;
> > > > +          char *loc2;
> > > > +          char *tmp;
> > > > +          for(size_t j = 0; j < strlen(filename); ++j)
> > > >              {
> > > > -              rc = -ENOMEM;
> > > > -              goto out2;
> > > > +              loc2 = strstr(loc, "/");
> > > > +              // If the first character is a '/'
> > > > [...]
> > >
> > > Holy cow that's a lot of work to do it this way.
> > > A couple of alternatives:
> > >
> > > - ditch curl_easy_escape :-( and use a
> > >   malloc(strlen(x)*3)
> > >   byte-by-byte copy from source string into destination
> > >     if not [a-zA-Z0-9/.~] then %-escape
> > >
> > > or:
> > > - keep curl_easy_escape and postprocess
> > >   byte-by-byte examine the result of curl_easy_escape
> > >   - if seeing a "%2F", replace the % with a / and memmove the
> > >     rest of the string 2 bytes ahead
> > >
> > > It shouldn't need strtok or strstr or a lot of logic or stuff like
> > > that really.
> > >
> > > - FChE
> > >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-debuginfod-PR28034-client-side-escape-url-characters.patch
Type: text/x-patch
Size: 2188 bytes
Desc: not available
URL: <https://sourceware.org/pipermail/elfutils-devel/attachments/20210827/ef8f51b9/attachment.bin>

More information about the Elfutils-devel mailing list