From edcafac9c10ae847b79a7917bec8ca25b0074365 Mon Sep 17 00:00:00 2001 From: aeryz Date: Sun, 22 Nov 2020 15:01:28 +0300 Subject: [PATCH 1/2] Return error if multiple brackets exist in the authority --- src/uri/authority.rs | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/uri/authority.rs b/src/uri/authority.rs index f748d3ed..9796f9ee 100644 --- a/src/uri/authority.rs +++ b/src/uri/authority.rs @@ -50,7 +50,6 @@ impl Authority { .expect("static str is not valid authority") } - /// Attempt to convert a `Bytes` buffer to a `Authority`. /// /// This will try to prevent a copy if the type passed is the type used @@ -91,13 +90,16 @@ impl Authority { colon_cnt += 1; } b'[' => { - start_bracket = true; - if has_percent { + if has_percent || start_bracket { // Something other than the userinfo has a `%`, so reject it. return Err(ErrorKind::InvalidAuthority.into()); } + start_bracket = true; } b']' => { + if end_bracket { + return Err(ErrorKind::InvalidAuthority.into()); + } end_bracket = true; // Those were part of an IPv6 hostname, so forget them... From e0e7ff2c5752a5791494a9a3ff0f4d20301b826e Mon Sep 17 00:00:00 2001 From: aeryz Date: Wed, 9 Dec 2020 01:23:17 +0300 Subject: [PATCH 2/2] Add a test for authority parsing --- src/uri/authority.rs | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/uri/authority.rs b/src/uri/authority.rs index 9796f9ee..0c1fb9db 100644 --- a/src/uri/authority.rs +++ b/src/uri/authority.rs @@ -644,4 +644,10 @@ mod tests { .unwrap_err(); assert_eq!(err.0, ErrorKind::InvalidUriChar); } + + #[test] + fn rejects_invalid_use_of_brackets() { + let err = Authority::parse_non_empty(b"[]@[").unwrap_err(); + assert_eq!(err.0, ErrorKind::InvalidAuthority); + } }