Merge pull request #29 from wolkykim/secfix

security update: add sanity check on url decoding

Makefile.in

@@ -50,11 +50,11 @@ clean:
 	done
 
 distclean: clean
-	@for DIR in src examples; do \
+	@for DIR in src examples tests; do \
 		echo "===> $${DIR}"; \
-		(cd $${DIR}; make clean; ${RM} -f Makefile); \
+		(cd $${DIR}; make clean; ${RM} Makefile); \
 		echo "<=== $${DIR}"; \
 	done
 	${RM} -rf autom4te.cache
-	${RM} -f configure.lineno config.log config.status config.h *~
-	${RM} -f Makefile src/qdecoder.pc
+	${RM} configure.lineno config.log config.status config.h *~
+	${RM} Makefile src/qdecoder.pc

configure

@@ -2065,7 +2065,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 ac_config_headers="$ac_config_headers config.h"
 
-ac_config_files="$ac_config_files Makefile src/qdecoder.pc src/Makefile examples/Makefile"
+ac_config_files="$ac_config_files Makefile src/qdecoder.pc src/Makefile examples/Makefile tests/Makefile"
 
 
 ## Set path
@@ -5006,6 +5006,7 @@ do
     "src/qdecoder.pc") CONFIG_FILES="$CONFIG_FILES src/qdecoder.pc" ;;
     "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;;
     "examples/Makefile") CONFIG_FILES="$CONFIG_FILES examples/Makefile" ;;
+    "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;;
 
   *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
   esac

configure.ac

@@ -77,7 +77,7 @@ AC_DEFUN([Q_ARG_DISABLE], [
 AC_INIT([qDecoder], [12 RELEASE], [http://www.qdecoder.org/])
 AC_CONFIG_SRCDIR([config.h.in])
 AC_CONFIG_HEADER([config.h])
-AC_CONFIG_FILES([Makefile src/qdecoder.pc src/Makefile examples/Makefile])
+AC_CONFIG_FILES([Makefile src/qdecoder.pc src/Makefile examples/Makefile tests/Makefile])
 
 ## Set path
 PATH="$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"

src/Makefile.in

@@ -93,11 +93,11 @@ install: all
 
 deinstall: uninstall
 uninstall:
-	${RM} -f ${HEADERDIR}/qdecoder.h
-	${RM} -f ${LIBDIR}/${LIBNAME}
-	${RM} -f ${LIBDIR}/${SLIBREALNAME}
-	${RM} -f ${LIBDIR}/${SLIBNAME}
-	${RM} -f ${PKGCONFIGDIR}/${PKGCONFIGNAME}
+	${RM} ${HEADERDIR}/qdecoder.h
+	${RM} ${LIBDIR}/${LIBNAME}
+	${RM} ${LIBDIR}/${SLIBREALNAME}
+	${RM} ${LIBDIR}/${SLIBNAME}
+	${RM} ${PKGCONFIGDIR}/${PKGCONFIGNAME}
 	${RMDIR} -p --ignore-fail-on-non-empty ${HEADERDIR}
 	${RMDIR} -p --ignore-fail-on-non-empty ${PKGCONFIGDIR}
 	${RMDIR} -p --ignore-fail-on-non-empty ${LIBDIR}
@@ -109,7 +109,7 @@ cleandoc:
 	${RM} -rf ../doc/html
 
 clean:
-	${RM} -f ${OBJ} ${LIBNAME} ${SLIBREALNAME} ${SLIBNAME}
+	${RM} ${OBJ} ${LIBNAME} ${SLIBREALNAME} ${SLIBNAME}
 
 ## Compile
 .c.o:

src/internal.c

@@ -34,6 +34,7 @@
 #include <stdlib.h>
 #include <stdbool.h>
 #include <stdarg.h>
+#include <ctype.h>
 #include <string.h>
 #include <unistd.h>
 #include <libgen.h>
@@ -49,7 +50,7 @@
 #include "compat/msw_missing.h"
 #endif
 
-// Change two hex character to one hex value.
+// Change two hex characters to one hex value.
 char _q_x2c(char hex_up, char hex_low)
 {
     char digit;
@@ -140,8 +141,13 @@ size_t _q_urldecode(char *str)
                 break;
             }
             case '%': {
-                *pBinPt++ = _q_x2c(*(pEncPt + 1), *(pEncPt + 2));
-                pEncPt += 2;
+                if (*(pEncPt + 1) != '\0' && isxdigit(*(pEncPt + 1)) \
+                    && *(pEncPt + 2) != '\0' && isxdigit(*(pEncPt + 2))) {
+                    *pBinPt++ = _q_x2c(*(pEncPt + 1), *(pEncPt + 2));
+                    pEncPt += 2;
+                } else {
+                    *pBinPt++ = *pEncPt;
+                }
                 break;
             }
             default: {

tests/Makefile.in

@@ -0,0 +1,62 @@
+################################################################################
+## qDecoder - http://www.qdecoder.org
+##
+## Copyright (c) 2000-2022 Seungyoung Kim.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted provided that the following conditions are met:
+##
+## 1. Redistributions of source code must retain the above copyright notice,
+##    this list of conditions and the following disclaimer.
+## 2. Redistributions in binary form must reproduce the above copyright notice,
+##    this list of conditions and the following disclaimer in the documentation
+##    and/or other materials provided with the distribution.
+##
+## THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+## AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+## ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+## LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+## POSSIBILITY OF SUCH DAMAGE.
+################################################################################
+
+prefix		= @prefix@
+exec_prefix	= @exec_prefix@
+
+## qDecoder definitions
+QDECODER_INCDIR		= ../src
+QDECODER_LIBDIR		= ../src
+
+## Compiler options
+CC		= @CC@
+CFLAGS		= @CFLAGS@
+CPPFLAGS	= @CPPFLAGS@ -I${QDECODER_INCDIR}
+
+TARGETS		= \
+		test_q_urldecode
+QUNIT_OBJS	= qunit.o
+LIBQDECODER	= ${QDECODER_LIBDIR}/libqdecoder.a
+
+## Main
+all:	${TARGETS}
+
+run:	test
+test:	all
+	@./launcher.sh ${TARGETS}
+
+test_q_urldecode: test_q_urldecode.o ${QUNIT_OBJS}
+	${CC} ${CFLAGS} ${CPPFLAGS} -o $@ test_q_urldecode.o ${QUNIT_OBJS} ${LIBQDECODER}
+
+## Clear Module
+clean:
+	${RM} *.o ${TARGETS}
+
+## Compile Module
+.c.o:
+	${CC} ${CFLAGS} ${CPPFLAGS} -c -o $@ $<

tests/README.md

@@ -0,0 +1,37 @@
+qDecoder Unit Tests
+===================
+
+# How to run unit tests.
+
+```
+$ make test
+Test internal.c/_q_urldecode
+======================================================================
+* TEST : Test plain string . OK (1 assertions, 0ms)
+* TEST : Test urlencoded string . OK (1 assertions, 0ms)
+* TEST : Test urlencoded string exceptions .. OK (2 assertions, 0ms)
+======================================================================
+PASS - 3/3 tests passed.
+```
+
+# How to write unit tests
+
+We need your help in writing unit tests. Please refer qunit.h for your reference.
+
+```C
+#include "qunit.h"
+#include "qdecoder.h"
+
+QUNIT_START("Test title");
+
+TEST("Test name1") {
+    ASSERT_EQUAL_STR("abc", "abc");
+    ASSERT_EQUAL_INT(8, 8);
+}
+
+TEST("Test name2") {
+    ASSERT_EQUAL_PT(NULL == NULL);
+}
+
+QUNIT_END();
+```

tests/launcher.sh

@@ -0,0 +1,37 @@
+#!/bin/sh
+
+if [ $# = 0 ]; then
+	echo "This program is called by make. Please use \"make test\" command instead."
+	exit 1
+fi
+
+FAIL=0
+FAILDESC=""
+for EXECUTABLE in $*; do
+	./$EXECUTABLE
+	if [ $? != 0 ]; then
+		FAIL=1
+		FAILDESC="$FAILDESC $EXECUTABLE"
+	fi
+	echo ""
+done
+
+if [ $FAIL != 0 ]; then
+	echo "======================================================================"
+	echo "**** OOOOOPS!!! UNSUCESSFUL UNIT TEST FOUND. PLEASE FIX AND RERUN ****"
+	echo "======================================================================"
+	echo "Fails in =>$FAILDESC"
+	exit 1
+fi
+
+echo "======================================================================"
+echo "****             Good job! All tests are successful               ****"
+echo "======================================================================"
+echo "*   ____                 _     All tests have finished successfully. *"  
+echo "*  / ___| ___   ___   __| |     | | ___ | |__   | |                  *"
+echo "* | |  _ / _ \ / _ \ / _\` |  _  | |/ _ \| '_ \  | |                  *"
+echo "* | |_| | (_) | (_) | (_| | | |_| | (_) | |_) | |_|                  *"
+echo "*  \____|\___/ \___/ \__,_|  \___/ \___/|_.__/  (_)                  *"
+echo "======================================================================"
+echo "Tested: $*"
+exit 0

tests/qunit.c

@@ -0,0 +1,42 @@
+/******************************************************************************
+ * qunit - C Unit Test Framework
+ *
+ * Copyright (c) 2014-2022 Seungyoung Kim.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *****************************************************************************/
+
+#include <stdio.h>
+#include <sys/time.h>
+
+/**
+ * Returns the current time in milliseconds.
+ *
+ * @return current time in milliseconds.
+ */
+long _qunit_current_milli(void) {
+    struct timeval tv;
+    gettimeofday(&tv, NULL);
+    long time = (tv.tv_sec * 1000) + (tv.tv_usec / 1000);
+    return time;
+}