bugfix: rest: avoid segfault for invalid URI

`evhttp_uri_parse` can return a nullptr, for example when the URI contains invalid characters (e.g. "%"). `GetQueryParameterFromUri` passes the output of `evhttp_uri_parse` straight into `evhttp_uri_get_query`, which means that anyone calling a REST endpoint in which query parameters are used (e.g. `rest_headers`) can cause a segfault. This bugfix is designed to be minimal and without additional behaviour change. Follow-up work should be done to resolve this in a more general and robust way, so not every endpoint has to handle it individually.
author: pablomartin4btc <pablomartin4btc@gmail.com> 2023-04-14 19:03:08 -0300
committer: pablomartin4btc <pablomartin4btc@gmail.com> 2023-04-17 10:13:34 -0300
commit: 11422cc5720c8d73a87600de8fe8abb156db80dc (patch)
tree: 76363292587e46c2243acbbaa952f93d2ee64714 /src/httpserver.cpp
parent: 2bfe43db164de7382d01c06dbdebf250d35f9f2f (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/httpserver.cpp b/src/httpserver.cpp
index 942caa042d..8e49f9c0f4 100644
--- a/src/httpserver.cpp
+++ b/src/httpserver.cpp
@@ -673,6 +673,9 @@ std::optional<std::string> HTTPRequest::GetQueryParameter(const std::string& key
 std::optional<std::string> GetQueryParameterFromUri(const char* uri, const std::string& key)
 {
     evhttp_uri* uri_parsed{evhttp_uri_parse(uri)};
+    if (!uri_parsed) {
+        throw std::runtime_error("URI parsing failed, it likely contained RFC 3986 invalid characters");
+    }
     const char* query{evhttp_uri_get_query(uri_parsed)};
     std::optional<std::string> result;
author	pablomartin4btc <pablomartin4btc@gmail.com>	2023-04-14 19:03:08 -0300
committer	pablomartin4btc <pablomartin4btc@gmail.com>	2023-04-17 10:13:34 -0300
commit	11422cc5720c8d73a87600de8fe8abb156db80dc (patch)
tree	76363292587e46c2243acbbaa952f93d2ee64714 /src/httpserver.cpp
parent	2bfe43db164de7382d01c06dbdebf250d35f9f2f (diff)