Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent parsing brackets from causing panic #108

Merged
merged 1 commit into from
May 11, 2015
Merged

Prevent parsing brackets from causing panic #108

merged 1 commit into from
May 11, 2015

Conversation

frewsxcv
Copy link
Contributor

The code:

Url::parse("http://[]")

The panic:

thread '<main>' panicked at 'index out of bounds: the len is 0 but the index is 0',
/Users/coreyf/.cargo/registry/src/github.com-1ecc6299db9ec823/url-0.2.34/src/host.rs:104

in addition to:

The code:

Url::parse("http://[:]")

The panic:

/Users/coreyf/.cargo/registry/src/github.com-1ecc6299db9ec823/url-0.2.34/src/host.rs:104
thread 'tests::url_parsing' panicked at 'index out of bounds: the len is
1 but the index is 1', src/host.rs:110

Was found using https://github.com/kmcallister/afl.rs 👍

@frewsxcv frewsxcv force-pushed the prevent-panic branch 2 times, most recently from dce2818 to b0e900f Compare May 11, 2015 12:53
frewsxcv added a commit to frewsxcv/web-platform-tests that referenced this pull request May 11, 2015
@frewsxcv
Add another test case to urltestdata.txt
277cced 
From servo/rust-url#108
@frewsxcv frewsxcv mentioned this pull request May 11, 2015
Merged
@frewsxcv
Copy link
Contributor Author

Dont merge this yet, theres another bug in here

@SimonSapin
Copy link
Member

Nice! But I think a similar issue exists for Url::parse("http://[:]"). Could you change if len == 0 to if len < 2? Reading the spec, I think any input of length 1 is also invalid.

@frewsxcv
Copy link
Contributor Author

@SimonSapin Yeah, I was just about to add that in :)

@frewsxcv
Prevent parsing brackets from causing panic
1f08064 
The code:

```
Url::parse("http://[]")
```

The panic:

```
thread '<main>' panicked at 'index out of bounds: the len is 0 but the index is 0',
/Users/coreyf/.cargo/registry/src/github.com-1ecc6299db9ec823/url-0.2.34/src/host.rs:104
```

in addition to:

The code:

```
Url::parse("http://[:]")
```

The panic:

```
/Users/coreyf/.cargo/registry/src/github.com-1ecc6299db9ec823/url-0.2.34/src/host.rs:104
thread 'tests::url_parsing' panicked at 'index out of bounds: the len is
1 but the index is 1', src/host.rs:110
```

Was found using https://github.com/kmcallister/afl.rs 👍
@frewsxcv frewsxcv changed the title Prevent http://[] from causing panic @frewsxcv Prevent parsing brackets from causing panic May 11, 2015
@frewsxcv frewsxcv changed the title @frewsxcv Prevent parsing brackets from causing panic Prevent parsing brackets from causing panic May 11, 2015
frewsxcv added a commit to frewsxcv/web-platform-tests that referenced this pull request May 11, 2015
@frewsxcv
Add a couplle more test cases to urltestdata.txt
6b034a1 
From servo/rust-url#108
frewsxcv added a commit to frewsxcv/web-platform-tests that referenced this pull request May 11, 2015
@frewsxcv
Add a couple more test cases to urltestdata.txt
58ecac4 
From servo/rust-url#108
@frewsxcv
Copy link
Contributor Author

Should be reviewable; tests pass

SimonSapin added a commit that referenced this pull request May 11, 2015
@SimonSapin
Merge pull request #108 from frewsxcv/prevent-panic
d8a7e90 
Prevent parsing brackets from causing panic
@SimonSapin SimonSapin merged commit d8a7e90 into servo:master May 11, 2015
@SimonSapin
Copy link
Member

Thanks!

@frewsxcv frewsxcv deleted the prevent-panic branch May 11, 2015 13:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@frewsxcv @SimonSapin