urlapi: fix parsing ipv6 with zone index

The previous fix for parsing IPv6 URLs with a zone index was a paddle
short for URLs without an explicit port. This patch fixes that case
and adds a unit test case.

This bug was highlighted by issue #3408, and while it's not the full
fix for the problem there it is an isolated bug that should be fixed
regardless.

Closes #3411
Reported-by: GitYuanQu on github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

diff --git a/lib/urlapi.c b/lib/urlapi.c
index 6919ff1bd7edb1f24bfd70f79062936692abedf5..3af8e9399f1f355dc447bbe6ed3bd5359c4730d1 100644 (file)
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -510,8 +510,11 @@ UNITTEST CURLUcode Curl_parse_port(struct Curl_URL *u, char *hostname)
       portptr = &hostname[len];
     else if('%' == endbracket) {
       int zonelen = len;
-      if(1 == sscanf(hostname + zonelen, "25%*[^]]]%c%n", &endbracket, &len))
-        portptr = &hostname[--zonelen + len];
+      if(1 == sscanf(hostname + zonelen, "25%*[^]]%c%n", &endbracket, &len)) {
+        if(']' != endbracket)
+          return CURLUE_MALFORMED_INPUT;
+        portptr = &hostname[--zonelen + len + 1];
+      }
       else
         return CURLUE_MALFORMED_INPUT;
     }

diff --git a/tests/unit/unit1653.c b/tests/unit/unit1653.c
index b68d8dc4fe2c3acab5067e34f6196789181df3c4..4e326f51be2a41693bbb7d9a78d378671614559a 100644 (file)
--- a/tests/unit/unit1653.c
+++ b/tests/unit/unit1653.c
@@ -83,6 +83,14 @@ UNITTEST_START
   free(ipv6port);
   curl_url_cleanup(u);
 
+  /* Valid IPv6 with zone index without port number */
+  u = curl_url();
+  ipv6port = strdup("[fe80::250:56ff:fea7:da15%25eth3]");
+  ret = Curl_parse_port(u, ipv6port);
+  fail_unless(ret == CURLUE_OK, "Curl_parse_port returned error");
+  free(ipv6port);
+  curl_url_cleanup(u);
+
   /* Valid IPv6 with port number */
   u = curl_url();
   ipv6port = strdup("[fe80::250:56ff:fea7:da15]:81");