[Bug 6836] wget redirected page use wrong authentication info
bugzilla at busybox.net
Sat Feb 1 01:09:33 UTC 2014
https://bugs.busybox.net/show_bug.cgi?id=6836
--- Comment #1 from Dalei Liu <daleiliu at gmail.com> 2014-02-01 01:09:32 UTC ---
I checked the networking/wget.c file and found that in the parse_url() function,
h->user pointed to h->allocated, which will be freed each time it parses a new
URL. So when it's called the second time after the 302 response in line 889,
h->user pointed to a freed area.
Here is my patch as a workaround, but I don't think it's a good fix. I'm not
sure if a redirected page should use the new location URL with or without the old
username/password. If it's not allowed, probably we should set h->user to NULL
in parse_url(). Or maybe we should implement --user and --password just like
GNU wget to avoid confusion.
diff --git a/networking/wget.c b/networking/wget.c
index d6c509e..8b2800d 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -327,13 +327,21 @@ static void parse_url(const char *src_url, struct
host_info *h)
sp = strrchr(h->host, '@');
if (sp != NULL) {
+ char *user;
+
// URL-decode "user:password" string before base64-encoding:
// wget http://test:my%20pass@example.com should send
// Authorization: Basic dGVzdDpteSBwYXNz
// which decodes to "test:my pass".
// Standard wget and curl do this too.
*sp = '\0';
- h->user = percent_decode_in_place(h->host, /*strict:*/ 0);
+ user = percent_decode_in_place(h->host, /*strict:*/ 0);
+ if (user) {
+ // release previous user info
+ if (h->user)
+ free(h->user);
+ h->user = strdup(user);
+ }
h->host = sp + 1;
}
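Review bot: inside the `if (sp != NULL)` branch, h->user is only replaced when the new URL contains an '@', so when parse_url() runs again for a redirect whose Location has no userinfo, the previous credentials stay in h->user for the request to the new host. Clear it at the top of parse_url() (free and set to NULL), or keep it only when the redirect stays on the same host. Two smaller points: free(NULL) is a no-op, so the `if (h->user)` guard is unnecessary, and the strdup() result is unchecked (BusyBox code normally uses xstrdup()). Also confirm that every other assignment to h->user is heap-allocated, since it is now passed to free().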
--
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
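An added illustration, not BusyBox code and not part of the original message: a minimal parser in which the user string is an owned copy and is cleared on every parse (the alternative the comment above raises), so nothing points into a freed buffer and a redirect target without userinfo never inherits the old credentials. `struct url_info`, `dup_str`, `url_parse` and `url_free` are hypothetical names, and percent-decoding is omitted.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for wget's host_info; not BusyBox code. */
struct url_info {
    char *buf;   /* owned copy of the URL's authority part; host points into it */
    char *host;  /* points into buf */
    char *user;  /* separately owned "user:password", or NULL */
};

static char *dup_str(const char *s)   /* portable strdup replacement */
{
    size_t n = strlen(s) + 1;
    char *d = malloc(n);
    return d ? memcpy(d, s, n) : NULL;
}

/* Parse "scheme://[user[:pass]@]host[/path]", replacing all previous state. */
static int url_parse(struct url_info *u, const char *url)
{
    const char *p = strstr(url, "://");
    char *copy = dup_str(p ? p + 3 : url), *at, *slash;

    if (!copy)
        return -1;
    /* Drop everything from the previous URL, credentials included, so
     * nothing dangles and a redirect target never inherits them. */
    free(u->user);
    u->user = NULL;
    free(u->buf);
    u->buf = u->host = copy;

    slash = strchr(copy, '/');
    if (slash)
        *slash = '\0';              /* keep only the authority part */
    at = strrchr(copy, '@');
    if (at) {
        *at = '\0';
        u->user = dup_str(copy);    /* own copy, independent of buf */
        u->host = at + 1;
    }
    return (at && !u->user) ? -1 : 0;
}

static void url_free(struct url_info *u)
{
    free(u->user);
    free(u->buf);
    u->buf = u->host = u->user = NULL;
}
```

Parsing a URL with userinfo and then a redirect target without it leaves `user` as NULL instead of pointing at the first URL's freed or stale credentials.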