From 86a259443a13e17dbef3454715458e361f969fe1 Mon Sep 17 00:00:00 2001
From: "min7.choi"
Date: Thu, 6 Apr 2017 14:03:09 +0900
Subject: [PATCH] Refactoring for previous security issue refer to : https://review.tizen.org/gerrit/#/c/122764/
Change-Id: Iec5bf4c878a66401b393fe8e42681f7db4dd7c15
Signed-off-by: min7.choi
---
 agent/download-agent-encoding.c | 14 --------------
 agent/download-agent-http-mgr.c | 6 +++++-
 agent/download-agent-http-msg-handler.c | 14 ++++++++++++--
 agent/include/download-agent-encoding.h | 1 -
 agent/include/download-agent-http-msg-handler.h | 2 +-
 5 files changed, 18 insertions(+), 19 deletions(-)
diff --git a/agent/download-agent-encoding.c b/agent/download-agent-encoding.c
index cf187b7..c5f8db2 100755
--- a/agent/download-agent-encoding.c
+++ b/agent/download-agent-encoding.c
@@ -230,17 +230,3 @@ ERR:
 *out_raw_encoded_str = raw_encoded_str;
 return ret;
 }
-
-void decode_url_encoded_str(const char *in_encoded_str, char **out_str)
-{
- CURL* curl = curl_easy_init();
-
- *out_str = curl_easy_unescape(curl, in_encoded_str, strlen(in_encoded_str), NULL);
-
- if(!*out_str){
- DA_LOGE("CURLE_OUT_OF_MEMORY");
- return;
- }
-
- curl_easy_cleanup(curl);
-}
diff --git a/agent/download-agent-http-mgr.c b/agent/download-agent-http-mgr.c
index 3bdd318..3e9d4d6 100755
--- a/agent/download-agent-http-mgr.c
+++ b/agent/download-agent-http-mgr.c
@@ -1099,6 +1099,7 @@ da_ret_t __handle_event_http_header(http_raw_data_t *raw_data, da_info_t *da_inf
 file_info_t *file_info = DA_NULL;
 req_info_t *req_info = DA_NULL;
 http_msg_response_t *http_msg_response = DA_NULL;
+ http_msg_t *http_msg = DA_NULL;
 da_size_t size = 0;
 char *mime_type = DA_NULL;
 char *etag = DA_NULL;
@@ -1113,6 +1114,9 @@ da_ret_t __handle_event_http_header(http_raw_data_t *raw_data, da_info_t *da_inf
 NULL_CHECK_RET(req_info);
 NULL_CHECK_RET(raw_data);
+ http_msg = http_info->http_msg;
+ NULL_CHECK_RET(http_msg);
+
 DA_MUTEX_LOCK(&(http_info->mutex_state));
 http_state = http_info->state;
 DA_MUTEX_UNLOCK(&(http_info->mutex_state));
@@ -1132,7 +1136,7 @@ da_ret_t __handle_event_http_header(http_raw_data_t *raw_data, da_info_t *da_inf
 http_msg_response_get_ETag(http_msg_response, &etag);
 http_info->etag_from_header = etag;
 http_msg_response_get_content_disposition(
- http_msg_response, DA_NULL, &file_name);
+ http_msg_response, http_msg, DA_NULL, &file_name);
 http_info->file_name_from_header = file_name;
 ret = __handle_http_status_code(http_info, file_info, req_info);
 if (ret != DA_RESULT_OK) {
diff --git a/agent/download-agent-http-msg-handler.c b/agent/download-agent-http-msg-handler.c
index fc48c28..fe507d6 100755
--- a/agent/download-agent-http-msg-handler.c
+++ b/agent/download-agent-http-msg-handler.c
@@ -744,7 +744,7 @@ da_bool_t http_msg_response_get_content_length(
 }
 da_bool_t http_msg_response_get_content_disposition(
- http_msg_response_t *http_msg_response, char **out_disposition,
+ http_msg_response_t *http_msg_response, http_msg_t *http_msg, char **out_disposition,
 char **out_file_name)
 {
 da_bool_t b_ret = DA_FALSE;
@@ -809,7 +809,10 @@ da_bool_t http_msg_response_get_content_disposition(
 } else {
 DA_LOGV("It's NOT base64 encoded-word string");
 }
- decode_url_encoded_str(wanted_str, &decoded_str);
+
+ if(http_msg->curl)
+ decoded_str = curl_easy_unescape(http_msg->curl, wanted_str, wanted_str_len, NULL);
+
 /* If it is url encoded string */
 if (decoded_str) {
 DA_SECURE_LOGD("Url decoded str = [%s]", decoded_str);
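Review bot: In download-agent-http-mgr.c (hunk -1132) the result of `http_msg_response_get_content_disposition()` is still discarded, although this commit gives the callee a new path that returns `DA_FALSE` when URL decoding fails. `file_name` is stored into `http_info->file_name_from_header` either way, so the call relies on `file_name` having been initialised to `DA_NULL` and on the callee leaving it untouched on failure; its declaration is outside the hunk. Suggest making that explicit: `if (http_msg_response_get_content_disposition(http_msg_response, http_msg, DA_NULL, &file_name) != DA_TRUE) file_name = DA_NULL;`.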
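Review bot: In download-agent-http-msg-handler.c (hunk -809) `wanted_str_len` is passed to `curl_easy_unescape()` as the input length, but the lines just above handle a base64 encoded-word; if that branch replaces `wanted_str` without updating `wanted_str_len` (not visible in this hunk), libcurl is given a length that no longer matches the buffer. The removed helper measured the string with `strlen()` at the call, and passing `0` keeps that behaviour because libcurl then calls `strlen()` itself. `http_msg` is also dereferenced without a NULL test in this exported function (the parameter is added in the -744 hunk), so only callers that pre-check it are safe. Suggested lines: `if (http_msg && http_msg->curl) {`, `decoded_str = curl_easy_unescape(http_msg->curl, wanted_str, 0, NULL);`, `}`. The function body starts and ends outside the hunk.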
@@ -817,7 +820,14 @@ da_bool_t http_msg_response_get_content_disposition(
 wanted_str = decoded_str;
 decoded_str = NULL;
 }
+ else{
+ DA_LOGE("Fail to url decode.");
+ free(wanted_str);
+ wanted_str = NULL;
+ return DA_FALSE;
+ }
 *out_file_name = wanted_str;
+ DA_SECURE_LOGI("out_file_name = [%s]", *out_file_name);
 return DA_TRUE;
 } else {
diff --git a/agent/include/download-agent-encoding.h b/agent/include/download-agent-encoding.h
index 49e74e9..87754d9 100755
--- a/agent/include/download-agent-encoding.h
+++ b/agent/include/download-agent-encoding.h
@@ -22,6 +22,5 @@ da_bool_t is_base64_encoded_word(const char *in_str);
 da_ret_t decode_base64_encoded_str(const char *in_encoded_str, char **out_decoded_ascii_str);
-void decode_url_encoded_str(const char *in_encoded_str, char **out_str);
 #endif // _Download_Agent_Encoding_H
diff --git a/agent/include/download-agent-http-msg-handler.h b/agent/include/download-agent-http-msg-handler.h
index 70abbda..6db624a 100755
--- a/agent/include/download-agent-http-msg-handler.h
+++ b/agent/include/download-agent-http-msg-handler.h
@@ -57,7 +57,7 @@ da_bool_t http_msg_response_get_content_type(http_msg_response_t *http_msg_respo
 void http_msg_response_set_content_type(http_msg_response_t *http_msg_response, const char *in_type);
 da_bool_t http_msg_response_get_content_length(http_msg_response_t *http_msg_response, da_size_t *out_length);
-da_bool_t http_msg_response_get_content_disposition(http_msg_response_t *http_msg_response, char **out_disposition, char **out_file_name);
+da_bool_t http_msg_response_get_content_disposition(http_msg_response_t *http_msg_response, http_msg_t *http_msg, char **out_disposition, char **out_file_name);
 da_bool_t http_msg_response_get_ETag(http_msg_response_t *http_msg_response, char **out_value);
 da_bool_t http_msg_response_get_date(http_msg_response_t *http_msg_response, char **out_value);
 da_bool_t http_msg_response_get_location(http_msg_response_t *http_msg_response, char **out_value);
--
2.7.4
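Review bot: In download-agent-http-msg-handler.c (hunk -817) the percent-decoded value is handed out as `*out_file_name` with no check, and decoding is the step that can turn `%2F`, `%5C` or `%2E%2E` in a server-supplied Content-Disposition name into path separators and parent-directory components. Because the output-length argument of `curl_easy_unescape()` is `NULL`, a decoded NUL byte also shortens the name silently. Unless a later stage (not visible here) sanitises `file_name_from_header`, add a guard just before `*out_file_name = wanted_str;`, for example `if (strchr(wanted_str, '/') || strchr(wanted_str, '\\') || strstr(wanted_str, "..")) { /* release wanted_str and return DA_FALSE */ }`. Separately, the buffer now stored in `wanted_str` is allocated by libcurl, whose documentation asks for `curl_free()`, while the other paths here use `free()`; a comment stating which release function the caller must use would help. The enclosing function starts and ends outside the hunk.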