Jacek Caban : wininet: Don' t assume maximal URL length in HTTP_GetRedirectURL.
Alexandre Julliard
julliard at wine.codeweavers.com
Thu May 19 10:32:06 CDT 2016
Module: wine
Branch: master
Commit: 5141c911ff0924efb9a787276aecd54a39609ef8
URL: http://source.winehq.org/git/wine.git/?a=commit;h=5141c911ff0924efb9a787276aecd54a39609ef8
Author: Jacek Caban <jacek at codeweavers.com>
Date: Wed May 18 18:02:46 2016 +0200
wininet: Don't assume maximal URL length in HTTP_GetRedirectURL.
Signed-off-by: Jacek Caban <jacek at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/wininet/http.c | 42 +++++++++++++++++++++---------------------
1 file changed, 21 insertions(+), 21 deletions(-)
diff --git a/dlls/wininet/http.c b/dlls/wininet/http.c
index d1becf8..889c606 100644
--- a/dlls/wininet/http.c
+++ b/dlls/wininet/http.c
@@ -4116,29 +4116,22 @@ static LPWSTR HTTP_GetRedirectURL(http_request_t *request, LPCWSTR lpszUrl)
static DWORD HTTP_HandleRedirect(http_request_t *request, LPCWSTR lpszUrl)
{
http_session_t *session = request->session;
- WCHAR path[INTERNET_MAX_PATH_LENGTH];
+ WCHAR *path;
if(lpszUrl[0]=='/')
{
/* if it's an absolute path, keep the same session info */
- lstrcpynW(path, lpszUrl, INTERNET_MAX_URL_LENGTH);
+ path = heap_strdupW(lpszUrl);
}
else
{
URL_COMPONENTSW urlComponents = { sizeof(urlComponents) };
- WCHAR hostName[INTERNET_MAX_HOST_NAME_LENGTH];
- WCHAR userName[INTERNET_MAX_USER_NAME_LENGTH];
BOOL custom_port = FALSE;
+ substr_t host;
- userName[0] = 0;
- hostName[0] = 0;
-
- urlComponents.lpszHostName = hostName;
- urlComponents.dwHostNameLength = INTERNET_MAX_HOST_NAME_LENGTH;
- urlComponents.lpszUserName = userName;
- urlComponents.dwUserNameLength = INTERNET_MAX_USER_NAME_LENGTH;
- urlComponents.lpszUrlPath = path;
- urlComponents.dwUrlPathLength = INTERNET_MAX_PATH_LENGTH;
+ urlComponents.dwHostNameLength = 1;
+ urlComponents.dwUserNameLength = 1;
+ urlComponents.dwUrlPathLength = 1;
if(!InternetCrackUrlW(lpszUrl, strlenW(lpszUrl), 0, &urlComponents))
return INTERNET_GetLastError();
@@ -4162,20 +4155,23 @@ static DWORD HTTP_HandleRedirect(http_request_t *request, LPCWSTR lpszUrl)
heap_free(session->hostName);
- session->hostName = heap_strdupW(hostName);
+ session->hostName = heap_strndupW(urlComponents.lpszHostName, urlComponents.dwHostNameLength);
session->hostPort = urlComponents.nPort;
heap_free(session->userName);
session->userName = NULL;
- if (userName[0])
- session->userName = heap_strdupW(userName);
+ if (urlComponents.dwUserNameLength)
+ session->userName = heap_strndupW(urlComponents.lpszUserName, urlComponents.dwUserNameLength);
reset_data_stream(request);
- if(strcmpiW(request->server->name, hostName) || request->server->port != urlComponents.nPort) {
+ host = substr(urlComponents.lpszHostName, urlComponents.dwHostNameLength);
+
+ if(host.len != strlenW(request->server->name) || strncmpiW(request->server->name, host.str, host.len)
+ || request->server->port != urlComponents.nPort) {
server_t *new_server;
- new_server = get_server(substrz(hostName), urlComponents.nPort, urlComponents.nScheme == INTERNET_SCHEME_HTTPS, TRUE);
+ new_server = get_server(host, urlComponents.nPort, urlComponents.nScheme == INTERNET_SCHEME_HTTPS, TRUE);
server_release(request->server);
request->server = new_server;
}
@@ -4184,16 +4180,18 @@ static DWORD HTTP_HandleRedirect(http_request_t *request, LPCWSTR lpszUrl)
HTTP_ProcessHeader(request, hostW, request->server->host_port, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
else
HTTP_ProcessHeader(request, hostW, request->server->name, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
+
+ path = heap_strndupW(urlComponents.lpszUrlPath, urlComponents.dwUrlPathLength);
}
heap_free(request->path);
- request->path=NULL;
+ request->path = NULL;
if (*path)
{
DWORD needed = 0;
HRESULT rc;
rc = UrlEscapeW(path, NULL, &needed, URL_ESCAPE_SPACES_ONLY);
- if (rc != E_POINTER)
+ if (rc == E_POINTER)
needed = strlenW(path)+1;
request->path = heap_alloc(needed*sizeof(WCHAR));
rc = UrlEscapeW(path, request->path, &needed,
@@ -4201,10 +4199,12 @@ static DWORD HTTP_HandleRedirect(http_request_t *request, LPCWSTR lpszUrl)
if (rc != S_OK)
{
ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(path),rc);
- strcpyW(request->path,path);
+ strcpyW(request->path, path);
}
}
+ heap_free(path);
+
/* Remove custom content-type/length headers on redirects. */
remove_header(request, szContent_Type, TRUE);
remove_header(request, szContent_Length, TRUE);
More information about the wine-cvs
mailing list