From owner-freebsd-bugs@FreeBSD.ORG  Wed Sep 10 21:00:09 2008
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A7D31106567D
	for <freebsd-bugs@hub.freebsd.org>;
	Wed, 10 Sep 2008 21:00:09 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 707868FC16
	for <freebsd-bugs@hub.freebsd.org>;
	Wed, 10 Sep 2008 21:00:09 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m8AL09aL071760
	for <freebsd-bugs@freefall.freebsd.org>; Wed, 10 Sep 2008 21:00:09 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m8AL09lf071759;
	Wed, 10 Sep 2008 21:00:09 GMT (envelope-from gnats)
Resent-Date: Wed, 10 Sep 2008 21:00:09 GMT
Resent-Message-Id: <200809102100.m8AL09lf071759@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Matt Koivisto <mkoivisto@sandvine.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 74D741065671
	for <freebsd-gnats-submit@FreeBSD.org>;
	Wed, 10 Sep 2008 20:51:46 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 5E5D88FC18
	for <freebsd-gnats-submit@FreeBSD.org>;
	Wed, 10 Sep 2008 20:51:46 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m8AKpk9N031970
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 10 Sep 2008 20:51:46 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m8AKpkXV031969;
	Wed, 10 Sep 2008 20:51:46 GMT (envelope-from nobody)
Message-Id: <200809102051.m8AKpkXV031969@www.freebsd.org>
Date: Wed, 10 Sep 2008 20:51:46 GMT
From: Matt Koivisto <mkoivisto@sandvine.com>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Cc: 
Subject: bin/127280: [patch] fetch/libfetch RFC 1738 %2F escaped slash
	handling
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Sep 2008 21:00:09 -0000


>Number:         127280
>Category:       bin
>Synopsis:       [patch] fetch/libfetch RFC 1738 %2F escaped slash handling
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 10 21:00:09 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Matt Koivisto
>Release:        RELENG_6_3
>Organization:
Sandvine
>Environment:
>Description:
RFC 1738 specifies:

> ...the URL <URL:ftp://myname@host.dom/%2Fetc/motd> is interpreted by FTP-ing to
> "host.dom", logging in as "myname" (prompting for a password if it is asked
> for), and then executing "CWD /etc" and then "RETR motd". This has a different
> meaning from <URL:ftp://myname@host.dom/etc/motd> which would "CWD etc" and
> then "RETR motd"; the initial "CWD" might be executed relative to the default
> directory for "myname".

As a first step to fixing bin/83277, enable handling of "%2F" escaped slash in fetch and libfetch.

This patch is agaist HEAD.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

--- src/usr.bin/fetch/fetch.c
+++ src/usr.bin/fetch/fetch.c.new
@@ -724,11 +724,11 @@
 main(int argc, char *argv[])
 {
 	struct stat sb;
 	struct sigaction sa;
 	const char *p, *s;
-	char *end, *q;
+	char *end, *q, *esc;
 	int c, e, r;
 
 	while ((c = getopt(argc, argv,
 	    "146AaB:bc:dFf:Hh:lMmN:nPpo:qRrS:sT:tUvw:")) != -1)
 		switch (c) {
@@ -936,10 +936,18 @@
 			p++;
 
 		if (!*p)
 			p = "fetch.out";
 
+		/*
+		 * Handle any escaped slashes in path when determining local
+		 * filename. fetchParseURL handles any escaped slashes in the
+		 * URL
+		 */
+		while ((esc = strcasestr(p, "%2F")) != NULL)
+			p = &esc[3];
+
 		fetchLastErrCode = 0;
 
 		if (o_flag) {
 			if (o_stdout) {
 				e = fetch(*argv, "-");

--- src/lib/libfetch/fetch.c
+++ src/lib/libfetch/fetch.c.new
@@ -302,11 +302,11 @@
  * This almost, but not quite, RFC1738 URL syntax.
  */
 struct url *
 fetchParseURL(const char *URL)
 {
-	char *doc;
+	char *doc, *esc;
 	const char *p, *q;
 	struct url *u;
 	int i;
 
 	/* allocate struct url */
@@ -408,10 +408,18 @@
 	} else if ((u->doc = strdup(p)) == NULL) {
 		fetch_syserr();
 		goto ouch;
 	}
 
+	while (strcasecmp(u->scheme, SCHEME_FTP) == 0 &&
+		((esc = strcasestr(u->doc, "%2F")) != NULL)) {
+
+		esc[0] = '/';
+		esc[1] = '\0';
+		strcat(u->doc,&esc[3]);
+	}
+
 	DEBUG(fprintf(stderr,
 		  "scheme:   [%s]\n"
 		  "user:     [%s]\n"
 		  "password: [%s]\n"
 		  "host:     [%s]\n"


>Release-Note:
>Audit-Trail:
>Unformatted: