From 33efabe286777640250adfbea96caf9676671e4f Mon Sep 17 00:00:00 2001
From: Honza Bambas <honzab.moz@firemni.cz>
Date: Mon, 11 Oct 2010 21:39:09 +0200
Subject: [PATCH] Bug 537381 - -1 as port number cause default port to be used,
 should fail to load, r=bz, a=blocking:final

---
 netwerk/base/src/nsURLParsers.cpp   |  6 ++-
 netwerk/test/unit/test_bug479485.js | 62 +++++++++++++++++++----------
 2 files changed, 47 insertions(+), 21 deletions(-)

diff --git a/netwerk/base/src/nsURLParsers.cpp b/netwerk/base/src/nsURLParsers.cpp
index f83c1003a926..b262fc82d6d2 100644
--- a/netwerk/base/src/nsURLParsers.cpp
+++ b/netwerk/base/src/nsURLParsers.cpp
@@ -618,9 +618,13 @@ nsAuthURLParser::ParseServerInfo(const char *serverinfo, PRInt32 serverinfoLen,
                 *port = -1;
             }
             else {
+                const char* nondigit = NS_strspnp("0123456789", buf.get());
+                if (nondigit && *nondigit)
+                    return NS_ERROR_MALFORMED_URI;
+
                 PRInt32 err;
                 *port = buf.ToInteger(&err);
-                if (NS_FAILED(err))
+                if (NS_FAILED(err) || *port <= 0)
                     return NS_ERROR_MALFORMED_URI;
             }
         }
diff --git a/netwerk/test/unit/test_bug479485.js b/netwerk/test/unit/test_bug479485.js
index b0a85975dd4e..5ae47a80487c 100644
--- a/netwerk/test/unit/test_bug479485.js
+++ b/netwerk/test/unit/test_bug479485.js
@@ -5,25 +5,47 @@ const Cr = Components.results;
 function run_test() {
   var ios = Cc["@mozilla.org/network/io-service;1"].
     getService(Ci.nsIIOService);
+    
+  var test_port = function(port, exception_expected)
+  {
+    dump((port || "no port provided") + "\n");
+    var exception_threw = false;
+    try {
+      var newURI = ios.newURI("http://foo.com"+port, null, null);
+    }
+    catch (e) {
+      exception_threw = e.result == Cr.NS_ERROR_MALFORMED_URI;
+    }
+    if (exception_threw != exception_expected)
+      do_throw("We did"+(exception_expected?"n't":"")+" throw NS_ERROR_MALFORMED_URI when creating a new URI with "+port+" as a port");
+    do_check_eq(exception_threw, exception_expected);
+  
+    exception_threw = false;
+    newURI = ios.newURI("http://foo.com", null, null);
+    try {
+      newURI.spec = "http://foo.com"+port;
+    }
+    catch (e) {
+      exception_threw = e.result == Cr.NS_ERROR_MALFORMED_URI;
+    }
+    if (exception_threw != exception_expected)
+      do_throw("We did"+(exception_expected?"n't":"")+" throw NS_ERROR_MALFORMED_URI when setting a spec of a URI with "+port+" as a port");
+    do_check_eq(exception_threw, exception_expected);
+  }
+  
+  test_port(":invalid", true);
+  test_port(":-2", true);
+  test_port(":-1", true);
+  test_port(":0", true);
+  test_port(":185891548721348172817857824356013651809236172635716571865023757816234081723451516780356", true);
+  
+  // Following 3 tests are all failing, we do not throw, although we parse the whole string and use only 5870 as a portnumber
+  test_port(":5870:80", true);
+  test_port(":5870-80", true);
+  test_port(":5870+80", true);
 
-  var success = false;
-  try {
-    var newURI = ios.newURI("http://foo.com:invalid", null, null);
-  }
-  catch (e) {
-    success = e.result == Cr.NS_ERROR_MALFORMED_URI;
-  }
-  if (!success)
-    do_throw("We didn't throw NS_ERROR_MALFORMED_URI when creating a new URI with :invalid as a port");
-
-  success = false;
-  newURI = ios.newURI("http://foo.com", null, null);
-  try {
-    newURI.spec = "http://foo.com:invalid";
-  }
-  catch (e) {
-    success = e.result == Cr.NS_ERROR_MALFORMED_URI;
-  }
-  if (!success)
-    do_throw("We didn't throw NS_ERROR_MALFORMED_URI when setting a spec of a URI with :invalid as a port");
+  // Just a regression check
+  test_port(":5870", false);
+  test_port(":80", false);
+  test_port("", false);
 }