diff options
| author | Thiago Macieira <thiago.macieira@intel.com> | 2013-07-02 13:29:13 -0700 |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-07-20 05:06:34 +0200 |
| commit | 3d77406e27230089e5a847b03c93d66117343d75 (patch) | |
| tree | acc93994d8eaf6122fe16b53ec4fa88304011135 /src/corelib/io/qurlrecode.cpp | |
| parent | b60cac3602b54dbd3a4b717d143f620da10c1f32 (diff) | |
Make the URL Recode function to fix bad input in FullyDecoded mode too
So far, this function hasn't been used for input coming in from the
user, so it wasn't necessary. But we may want to do it, or we may
already be doing it accidentally somewhere that isn't triggering the
failed assertions during unit testing.
So let's be on the safe side and allow it. And test it too.
Change-Id: Ib63addd8da468ad6908278d07a4829f1bdc26a07
Reviewed-by: David Faure (KDE) <faure@kde.org>
Diffstat (limited to 'src/corelib/io/qurlrecode.cpp')
| -rw-r--r-- | src/corelib/io/qurlrecode.cpp | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/src/corelib/io/qurlrecode.cpp b/src/corelib/io/qurlrecode.cpp index 5ff0c40a4f..509a92d2b0 100644 --- a/src/corelib/io/qurlrecode.cpp +++ b/src/corelib/io/qurlrecode.cpp @@ -573,6 +573,13 @@ static int decode(QString &appendTo, const ushort *begin, const ushort *end) continue; } + if (Q_UNLIKELY(end - input < 3 || !isHex(input[1]) || !isHex(input[2]))) { + // badly-encoded data + appendTo.resize(origSize + (end - begin)); + memcpy(appendTo.begin() + origSize, begin, (end - begin) * sizeof(ushort)); + return end - begin; + } + if (Q_UNLIKELY(!output)) { // detach appendTo.resize(origSize + (end - begin)); @@ -582,9 +589,6 @@ static int decode(QString &appendTo, const ushort *begin, const ushort *end) } ++input; - Q_ASSERT(input <= end - 2); // we need two characters - Q_ASSERT(isHex(input[0])); - Q_ASSERT(isHex(input[1])); *output++ = decodeNibble(input[0]) << 4 | decodeNibble(input[1]); input += 2; } @@ -635,6 +639,9 @@ static void maskTable(uchar (&table)[N], const uchar (&mask)[N]) handled. It consists of a sequence of 16-bit values, where the low 8 bits indicate the character in question and the high 8 bits are either \c EncodeCharacter, \c LeaveCharacter or \c DecodeCharacter. + + This function corrects percent-encoded errors by interpreting every '%' as + meaning "%25" (all percents in the same content). */ Q_AUTOTEST_EXPORT int |