Bug 1790287 - Search for xn-- prefix ignoring case r=necko-reviewers,kershaw

The crash was caused by us loading `http://a.b.c.XN--pokxncvks/`.
Because we searched for xn-- case sensitively, the first time around
the URL would parse, and would be lowercased, but when deserializing
the nsIPrincipal we would then fail to parse it.

Differential Revision: https://phabricator.services.mozilla.com/D166649
Valentin Gosu 2023-01-23 13:53:56 +00:00
parent ca827af9eb
commit b42cdb564f
2 changed files with 13 additions and 6 deletions


@ -326,13 +326,16 @@ NS_IMETHODIMP nsIDNService::IsACE(const nsACString& input, bool* _retval) {
auto stringContains = [](const nsACString& haystack,
const nsACString& needle) {
return std::search(haystack.BeginReading(), haystack.EndReading(),
needle.BeginReading(),
needle.EndReading()) != haystack.EndReading();
needle.BeginReading(), needle.EndReading(),
[](unsigned char ch1, unsigned char ch2) {
return tolower(ch1) == tolower(ch2);
}) != haystack.EndReading();
};
*_retval = StringBeginsWith(input, "xn--"_ns) ||
(!input.IsEmpty() && input[0] != '.' &&
stringContains(input, ".xn--"_ns));
*_retval =
StringBeginsWith(input, "xn--"_ns, nsCaseInsensitiveCStringComparator) ||
(!input.IsEmpty() && input[0] != '.' &&
stringContains(input, ".xn--"_ns));
return NS_OK;
}
@ -539,7 +542,7 @@ nsresult nsIDNService::stringPrepAndACE(const nsAString& in, nsACString& out,
if (IsAscii(in)) {
LossyCopyUTF16toASCII(in, out);
// If label begins with xn-- we still want to check its validity
if (!StringBeginsWith(in, u"xn--"_ns)) {
if (!StringBeginsWith(in, u"xn--"_ns, nsCaseInsensitiveStringComparator)) {
return NS_OK;
}
}
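Review bot: The comparator added to `std::search` in `stringContains` folds case with C `tolower`, which follows the process locale, while the prefix test in the same expression uses `nsCaseInsensitiveCStringComparator`. The two halves of `IsACE` therefore rely on different case-folding rules. Since the crash came from the parser disagreeing with itself about what counts as an ACE label, an explicit ASCII-only fold would be safer, for example `auto asciiLower = [](unsigned char c) { return (c >= 'A' && c <= 'Z') ? c + ('a' - 'A') : c; };` with the predicate `return asciiLower(ch1) == asciiLower(ch2);`. A one-line comment on the lambda such as `// ASCII case-insensitive: hosts are lowercased later, so XN-- must be recognised here too` would record why the match must ignore case. The `stringPrepAndACE` change sits inside the `IsAscii(in)` branch, so the wide-string comparator only sees ASCII there; that function's body continues outside the hunk.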


@ -1040,4 +1040,8 @@ add_task(function test_jarURI_serialization() {
add_task(async function round_trip_invalid_ace_label() {
let uri = Services.io.newURI("http://xn--xn--d--fg4n-5y45d/");
Assert.equal(uri.spec, "http://xn--xn--d--fg4n-5y45d/");
Assert.throws(() => {
uri = Services.io.newURI("http://a.b.c.XN--pokxncvks");
}, /NS_ERROR_MALFORMED_URI/);
});
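Review bot: The new assertion in `round_trip_invalid_ace_label` covers only an all-uppercase `XN--` in a non-leading label, which is the `stringContains` path. The `StringBeginsWith` branch of `IsACE` and mixed-case prefixes are not exercised. Consider adding cases for a leading label and a mixed-case prefix, e.g. `Assert.throws(() => Services.io.newURI("http://XN--pokxncvks/"), /NS_ERROR_MALFORMED_URI/);` and the same with `a.b.c.Xn--pokxncvks`, assuming these are expected to be rejected like the existing one. The commit message attributes the crash to deserializing an `nsIPrincipal`, so a short comment above the assertion such as `// Bug 1790287: uppercase ACE prefix must be rejected at parse time, not on re-parse` would tie the test to the failure it guards against.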