Detected by some norwegian students who were doing security
analysis, we would overrun buffers in idna_{en,de}code() so
this corrects that problem.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Unfortunately, despite previous assertions to the contrary,
we do need to deal with IPv6 literals. For now we validate
just that they are encased by square brackets and consist only
of hex digits and colons. We do not validate that they are
actually valid IPv6 addresses.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
The host component must be a valid DNS name; and unfortunately
underscores are present in some DNS names already, despite a 2019
decision to not issue them going forward. As such we permit the
underscore as well in order to work with old-school URLs which may
exist in the wild.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
The host component, by the time we hit the validation code, should
be a valid DNS name. In theory it could also be an IPv6 address,
but those are far more painful to deal with so we're ignoring that
opportunity for now.
This fixes a problem where the search_web_omni logic would fail
to generate a search because nsurl_create() succeeded even though
it shouldn't have.
Signed-off-by: Daniel Silverstone <dsilvers@netsurf-browser.org>
GCC was upset that it was theoretically possible for this
format string to result in a buffer overrun. This is because
it could not work out that `i` would never be negative. To
silence the warning, we use %u and cast to unsigned during the
formatting of the output filename.
Signed-off-by: Daniel Silverstone <dsilvers@netsurf-browser.org>
For some reason, we have to use the __GLIBC_PREREQ macro
in a more confined way otherwise the preprocessor gets confused.
Signed-off-by: Daniel Silverstone <dsilvers@netsurf-browser.org>
Since glibc 2.38 the functions strchrnul and strcasestr have been
exposed by default, rather than being hidden behind _GNU_SOURCE.
We therefore use the GLIBC_PREREQ macro to check the version of
the glibc headers and do not accidentally double-declare these
functions.
Signed-off-by: Daniel Silverstone <dsilvers@netsurf-browser.org>
These special snowflakes have specialised socket close APIs, so
ensure that we use the correct one. Additionally, there's no
guarantee that their socket() API signature matches the POSIX
definition, so wrap it up and cast the result.
Newer compilers were (correctly) pointing out use after free.
Slightly reworkeed conversion function to remove compiler warnings
and clean up implementation.
On may of the platforms we build for (RISC OS, Windows, Amiga OS4,
Amiga OS3, and Atari), this was causing:
- utils/file.c:329 error: 'O_DIRECTORY' undeclared
- utils/file.c:357 error: 'AT_SYMLINK_NOFOLLOW' undeclared
This reverts commit ef00567b02.
Improve the key/value processing in choices file.
Fixes several oddities discovered including:
removing the last character of the last value.
possible buffer overflow with certian values
Daniel Silverstone