From 896db8843f84b882085e7d1bfd05c24194893d48 Mon Sep 17 00:00:00 2001 From: Justine Tunney Date: Sat, 9 Jul 2022 04:24:51 -0700 Subject: [PATCH] Loosen restriction on valid hostnames This changes fixes an issue with GitPod integration, where large numbers in a hostname were incorrectly causing redbean to refuse a request. --- net/http/isacceptablehost.c | 17 +++++++++++------ test/net/http/isacceptablehost_test.c | 5 ++++- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/net/http/isacceptablehost.c b/net/http/isacceptablehost.c index f2506a4a9..b422a29a7 100644 --- a/net/http/isacceptablehost.c +++ b/net/http/isacceptablehost.c @@ -55,17 +55,18 @@ bool IsAcceptableHost(const char *s, size_t n) { int c, b, j; if (n == -1) n = s ? strlen(s) : 0; if (!n) return true; - if (n > DNS_NAME_MAX) return false; + if (n > DNS_NAME_MAX) { + return false; + } for (b = j = i = 0; i < n; ++i) { c = s[i] & 255; if (isdigit(c)) { b *= 10; b += c - '0'; - if (b > 255) { + } else if (c == '.') { + if (!i || s[i - 1] == '.') { return false; } - } else if (c == '.') { - if (!i || s[i - 1] == '.') return false; b = 0; ++j; } else { @@ -81,7 +82,11 @@ bool IsAcceptableHost(const char *s, size_t n) { } } } - if (j != 3) return false; - if (i && s[i - 1] == '.') return false; + if (j != 3) { + return false; + } + if (i && s[i - 1] == '.') { + return false; + } return true; } diff --git a/test/net/http/isacceptablehost_test.c b/test/net/http/isacceptablehost_test.c index fbe3df305..66b35f415 100644 --- a/test/net/http/isacceptablehost_test.c +++ b/test/net/http/isacceptablehost_test.c @@ -29,7 +29,6 @@ TEST(IsAcceptableHost, test) { EXPECT_TRUE(IsAcceptableHost("1.2.3.4.5.arpa", -1)); EXPECT_TRUE(IsAcceptableHost("255.255.255.255", -1)); EXPECT_FALSE(IsAcceptableHost("255.255.255", -1)); - EXPECT_FALSE(IsAcceptableHost("256.255.255.255", -1)); EXPECT_TRUE(IsAcceptableHost("hello.example", -1)); EXPECT_FALSE(IsAcceptableHost("hello..example", -1)); EXPECT_TRUE(IsAcceptableHost("hello", -1)); @@ -46,6 +45,10 @@ TEST(IsAcceptableHost, test) { EXPECT_TRUE(IsAcceptableHost("there-.example", -1)); EXPECT_FALSE(IsAcceptableHost("ther#e.example", -1)); EXPECT_TRUE(IsAcceptableHost("localhost", -1)); + EXPECT_TRUE(IsAcceptableHost("8080-gitpodio-empty-abs4xad1abc", -1)); + EXPECT_TRUE(IsAcceptableHost("ws-eu53", -1)); + EXPECT_TRUE(IsAcceptableHost("gitpod", -1)); + EXPECT_TRUE(IsAcceptableHost("io", -1)); } TEST(IsAcceptablePort, test) {