fix IRI-parsing bug

Some particularly crafted IRIs can cause a denial of service (DOS). IRIs which have a trailing `..' segment and resolve to a valid IRI (i.e. a .. that's not escaping the root directory) will make the server process loop forever. This is """just""" an DOS vulnerability, it doesn't expose anything sensitive or give an attacker anything else.
author: Omar Polo <op@omarpolo.com> 2021-04-12 20:11:47 +0000
committer: Omar Polo <op@omarpolo.com> 2021-04-12 20:11:47 +0000
commit: 9d092b607a25f4598557792be5ec35f02c3ae966 (patch)
tree: 9e85a85f2889e912923dada21e29b7dcf95a3192 /regress
parent: f2522b43139cc1a41a4a75d9eff84ee40be408da (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/regress/iri_test.c b/regress/iri_test.c
index 785305d..6595f92 100644
--- a/regress/iri_test.c
+++ b/regress/iri_test.c
@@ -194,6 +194,10 @@ main(void)
 	    PASS,
             IRI("gemini", "omarpolo.com", "", "foo", "", ""),
 	    "Trim initial slashes (pt. 2)");
+	TEST("http://a/b/c/../..",
+	    PASS,
+	    IRI("http", "a", "", "", "", ""),
+	    "avoid infinite loops (see v1.6.1)");
 
 	/* query */
 	TEST("foo://example.com/foo/?gne",
author	Omar Polo <op@omarpolo.com>	2021-04-12 20:11:47 +0000
committer	Omar Polo <op@omarpolo.com>	2021-04-12 20:11:47 +0000
commit	9d092b607a25f4598557792be5ec35f02c3ae966 (patch)
tree	9e85a85f2889e912923dada21e29b7dcf95a3192 /regress
parent	f2522b43139cc1a41a4a75d9eff84ee40be408da (diff)