Since we know the number of bytes we want to copy, just use memcpy
instead of strncpy - this will be faster and hopefully will warn
less on arm systems.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
This adds regression checks for the security issue recently fixed
in idna_{en,de}code().
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Detected by some norwegian students who were doing security
analysis, we would overrun buffers in idna_{en,de}code() so
this corrects that problem.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In order to not blow up on massive rowspan/colspan values (which
could be an issue according to #2873) we clamp them according to
the HTML spec section 4.9.11
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Unfortunately, despite previous assertions to the contrary,
we do need to deal with IPv6 literals. For now we validate
just that they are encased by square brackets and consist only
of hex digits and colons. We do not validate that they are
actually valid IPv6 addresses.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
We were previously assuming a badly escaped hostname would
not be a url parse failure; but in practice firefox expects
it to fail and thus omnis to a search instead. This behaviour
is expected, thus we update the test case.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
The host component must be a valid DNS name; and unfortunately
underscores are present in some DNS names already, despite a 2019
decision to not issue them going forward. As such we permit the
underscore as well in order to work with old-school URLs which may
exist in the wild.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
The host component, by the time we hit the validation code, should
be a valid DNS name. In theory it could also be an IPv6 address,
but those are far more painful to deal with so we're ignoring that
opportunity for now.
This fixes a problem where the search_web_omni logic would fail
to generate a search because nsurl_create() succeeded even though
it shouldn't have.
Signed-off-by: Daniel Silverstone <dsilvers@netsurf-browser.org>
