uri parsing: fix percent interaction with dotdot

https://github.com/warmcat/libwebsockets/issues/481#issuecomment-205863482 - fix inconsistent percent-encoding parsing where dots would sometimes interact wrongly when non-hex chars follow /foo/.%xyz now stays as-is instead of swapping . and % Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
2025-03-16 00:00:07 +01:00 · 2016-04-05 18:42:28 +02:00 · 2016-04-05 18:42:28 +02:00 · cac012f46c
commit cac012f46c
parent b6cce7d8a3
2 changed files with 8 additions and 2 deletions
--- a/lib/parsers.c
+++ b/lib/parsers.c
@ -596,6 +596,9 @@ lws_parse(struct lws *wsi, unsigned char c)
 		/* special URI processing... convert %xx */

 		switch (wsi->u.hdr.ues) {
+		case URIES_VERBATIM:
+			/* do nothing */
+			break;
 		case URIES_IDLE:
 			if (c == '%') {
 				wsi->u.hdr.ues = URIES_SEEN_PERCENT;
@ -605,7 +608,8 @@ lws_parse(struct lws *wsi, unsigned char c)
 		case URIES_SEEN_PERCENT:
 			if (char_to_hex(c) < 0) {
 				/* regurgitate */
-				if (issue_char(wsi, '%') < 0)
+				wsi->u.hdr.ues = URIES_VERBATIM;
+				if (lws_parse(wsi, '%') < 0)
 					return -1;
 				wsi->u.hdr.ues = URIES_IDLE;
 				/* continue on to assess c */
@ -618,7 +622,8 @@ lws_parse(struct lws *wsi, unsigned char c)
 		case URIES_SEEN_PERCENT_H1:
 			if (char_to_hex(c) < 0) {
 				/* regurgitate */
-				if (issue_char(wsi, '%') < 0)
+				wsi->u.hdr.ues = URIES_VERBATIM;
+				if (lws_parse(wsi, '%') < 0)
 					return -1;
 				wsi->u.hdr.ues = URIES_IDLE;
 				/* regurgitate + assess */
--- a/lib/private-libwebsockets.h
+++ b/lib/private-libwebsockets.h
@ -851,6 +851,7 @@ enum uri_esc_states {
 	URIES_IDLE,
 	URIES_SEEN_PERCENT,
 	URIES_SEEN_PERCENT_H1,
+	URIES_VERBATIM,
 };

 /* notice that these union members: