diff options
author | Daniel Stenberg <daniel@haxx.se> | 2018-12-11 16:08:51 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-12-12 07:58:47 +0100 |
commit | 435402cfe3f6e50b08e344211878d800184b5eb8 (patch) | |
tree | e4ceb2ca5ba9d6d36821686e10d6eabd2370fbdc /lib | |
parent | ecb2e194d45c92e430bcf133fcee85a8a336cfcb (diff) | |
download | curl-435402cfe3f6e50b08e344211878d800184b5eb8.tar.gz |
Curl_follow: extract the Location: header field unvalidated
... when not actually following the redirect. Otherwise we return error
for this and an application can't extract the value.
Test 1518 added to verify.
Reported-by: Pavel Pavlov
Fixes #3340
Closes #3364
Diffstat (limited to 'lib')
-rw-r--r-- | lib/transfer.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/lib/transfer.c b/lib/transfer.c index 5b1af4ebe..6390821bb 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1534,12 +1534,22 @@ CURLcode Curl_follow(struct Curl_easy *data, DEBUGASSERT(data->state.uh); uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl, (type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME : 0); - if(uc) - return Curl_uc_to_curlcode(uc); + if(uc) { + if(type != FOLLOW_FAKE) + return Curl_uc_to_curlcode(uc); + + /* the URL could not be parsed for some reason, but since this is FAKE + mode, just duplicate the field as-is */ + newurl = strdup(newurl); + if(!newurl) + return CURLE_OUT_OF_MEMORY; + } + else { - uc = curl_url_get(data->state.uh, CURLUPART_URL, &newurl, 0); - if(uc) - return Curl_uc_to_curlcode(uc); + uc = curl_url_get(data->state.uh, CURLUPART_URL, &newurl, 0); + if(uc) + return Curl_uc_to_curlcode(uc); + } if(type == FOLLOW_FAKE) { /* we're only figuring out the new url if we would've followed locations |