Refactoring for previous security issue

refer to : https://review.tizen.org/gerrit/#/c/122764/

Change-Id: Iec5bf4c878a66401b393fe8e42681f7db4dd7c15
Signed-off-by: min7.choi <min7.choi@samsung.com>

diff --git a/agent/download-agent-encoding.c b/agent/download-agent-encoding.c
index cf187b7..c5f8db2 100755 (executable)
--- a/agent/download-agent-encoding.c
+++ b/agent/download-agent-encoding.c
@@ -230,17 +230,3 @@ ERR:
        *out_raw_encoded_str = raw_encoded_str;
        return ret;
 }
-
-void decode_url_encoded_str(const char *in_encoded_str, char **out_str)
-{
-       CURL* curl = curl_easy_init();
-
-       *out_str = curl_easy_unescape(curl, in_encoded_str, strlen(in_encoded_str), NULL);
-
-       if(!*out_str){
-               DA_LOGE("CURLE_OUT_OF_MEMORY");
-               return;
-       }
-
-       curl_easy_cleanup(curl);
-}

diff --git a/agent/download-agent-http-mgr.c b/agent/download-agent-http-mgr.c
index 3bdd318..3e9d4d6 100755 (executable)
--- a/agent/download-agent-http-mgr.c
+++ b/agent/download-agent-http-mgr.c
@@ -1099,6 +1099,7 @@ da_ret_t __handle_event_http_header(http_raw_data_t *raw_data, da_info_t *da_inf
        file_info_t *file_info = DA_NULL;
        req_info_t *req_info = DA_NULL;
        http_msg_response_t *http_msg_response = DA_NULL;
+       http_msg_t *http_msg = DA_NULL;
        da_size_t size = 0;
        char *mime_type = DA_NULL;
        char *etag = DA_NULL;
@@ -1113,6 +1114,9 @@ da_ret_t __handle_event_http_header(http_raw_data_t *raw_data, da_info_t *da_inf
        NULL_CHECK_RET(req_info);
        NULL_CHECK_RET(raw_data);
 
+       http_msg = http_info->http_msg;
+       NULL_CHECK_RET(http_msg);
+
        DA_MUTEX_LOCK(&(http_info->mutex_state));
        http_state = http_info->state;
        DA_MUTEX_UNLOCK(&(http_info->mutex_state));
@@ -1132,7 +1136,7 @@ da_ret_t __handle_event_http_header(http_raw_data_t *raw_data, da_info_t *da_inf
                http_msg_response_get_ETag(http_msg_response, &etag);
                http_info->etag_from_header = etag;
                http_msg_response_get_content_disposition(
-                               http_msg_response, DA_NULL, &file_name);
+                               http_msg_response, http_msg, DA_NULL, &file_name);
                http_info->file_name_from_header = file_name;
                ret = __handle_http_status_code(http_info, file_info, req_info);
                if (ret != DA_RESULT_OK) {

diff --git a/agent/download-agent-http-msg-handler.c b/agent/download-agent-http-msg-handler.c
index fc48c28..fe507d6 100755 (executable)
--- a/agent/download-agent-http-msg-handler.c
+++ b/agent/download-agent-http-msg-handler.c
@@ -744,7 +744,7 @@ da_bool_t http_msg_response_get_content_length(
 }
 
 da_bool_t http_msg_response_get_content_disposition(
-       http_msg_response_t *http_msg_response, char **out_disposition,
+       http_msg_response_t *http_msg_response, http_msg_t *http_msg, char **out_disposition,
        char **out_file_name)
 {
        da_bool_t b_ret = DA_FALSE;
@@ -809,7 +809,10 @@ da_bool_t http_msg_response_get_content_disposition(
                        } else {
                                DA_LOGV("It's NOT base64 encoded-word string");
                        }
-                       decode_url_encoded_str(wanted_str, &decoded_str);
+
+                       if(http_msg->curl)
+                               decoded_str = curl_easy_unescape(http_msg->curl, wanted_str, wanted_str_len, NULL);
+
                        /* If it is url encoded string */
                        if (decoded_str) {
                                DA_SECURE_LOGD("Url decoded str = [%s]", decoded_str);
@@ -817,7 +820,14 @@ da_bool_t http_msg_response_get_content_disposition(
                                wanted_str = decoded_str;
                                decoded_str = NULL;
                        }
+                       else{
+                               DA_LOGE("Fail to url decode.");
+                               free(wanted_str);
+                               wanted_str = NULL;
+                               return DA_FALSE;
+                       }
                        *out_file_name = wanted_str;
+
                        DA_SECURE_LOGI("out_file_name = [%s]", *out_file_name);
                        return DA_TRUE;
                } else {

diff --git a/agent/include/download-agent-encoding.h b/agent/include/download-agent-encoding.h
index 49e74e9..87754d9 100755 (executable)
--- a/agent/include/download-agent-encoding.h
+++ b/agent/include/download-agent-encoding.h
@@ -22,6 +22,5 @@
 da_bool_t is_base64_encoded_word(const char *in_str);
 da_ret_t decode_base64_encoded_str(const char *in_encoded_str,
        char **out_decoded_ascii_str);
-void decode_url_encoded_str(const char *in_encoded_str, char **out_str);
 
 #endif // _Download_Agent_Encoding_H

diff --git a/agent/include/download-agent-http-msg-handler.h b/agent/include/download-agent-http-msg-handler.h
index 70abbda..6db624a 100755 (executable)
--- a/agent/include/download-agent-http-msg-handler.h
+++ b/agent/include/download-agent-http-msg-handler.h
@@ -57,7 +57,7 @@ da_bool_t http_msg_response_get_content_type(http_msg_response_t *http_msg_respo
 void http_msg_response_set_content_type(http_msg_response_t *http_msg_response, const char *in_type);
 
 da_bool_t http_msg_response_get_content_length(http_msg_response_t *http_msg_response, da_size_t *out_length);
-da_bool_t http_msg_response_get_content_disposition(http_msg_response_t *http_msg_response, char **out_disposition, char **out_file_name);
+da_bool_t http_msg_response_get_content_disposition(http_msg_response_t *http_msg_response, http_msg_t *http_msg, char **out_disposition, char **out_file_name);
 da_bool_t http_msg_response_get_ETag(http_msg_response_t *http_msg_response, char **out_value);
 da_bool_t http_msg_response_get_date(http_msg_response_t *http_msg_response, char **out_value);
 da_bool_t http_msg_response_get_location(http_msg_response_t *http_msg_response, char **out_value);