[libsoup] hsts-db: use unsigned integers when writing to the database
- From: Claudio Saavedra <csaavedra src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libsoup] hsts-db: use unsigned integers when writing to the database
- Date: Thu, 6 Jun 2019 15:13:09 +0000 (UTC)
commit 5602fdc761cf1d72185fd9c228127544d863299f
Author: Claudio Saavedra <csaavedra igalia com>
Date: Thu Jun 6 18:09:44 2019 +0300
hsts-db: use unsigned integers when writing to the database
Using %d for values that are actually unsigned causes problems,
in particular with servers using a rather large max-age.
Added a test that reproduces the issue.
libsoup/soup-hsts-enforcer-db.c | 2 +-
tests/hsts-db-test.c | 21 +++++++++++++++++++++
2 files changed, 22 insertions(+), 1 deletion(-)
---
diff --git a/libsoup/soup-hsts-enforcer-db.c b/libsoup/soup-hsts-enforcer-db.c
index 6a14bbd8..e097454d 100644
--- a/libsoup/soup-hsts-enforcer-db.c
+++ b/libsoup/soup-hsts-enforcer-db.c
@@ -123,7 +123,7 @@ soup_hsts_enforcer_db_new (const char *filename)
#define QUERY_ALL "SELECT id, host, max_age, expiry, include_subdomains FROM soup_hsts_policies;"
#define CREATE_TABLE "CREATE TABLE soup_hsts_policies (id INTEGER PRIMARY KEY, host TEXT UNIQUE, max_age
INTEGER, expiry INTEGER, include_subdomains INTEGER)"
-#define QUERY_INSERT "INSERT OR REPLACE INTO soup_hsts_policies VALUES((SELECT id FROM soup_hsts_policies
WHERE host=%Q), %Q, %d, %d, %d);"
+#define QUERY_INSERT "INSERT OR REPLACE INTO soup_hsts_policies VALUES((SELECT id FROM soup_hsts_policies
WHERE host=%Q), %Q, %u, %u, %u);"
#define QUERY_DELETE "DELETE FROM soup_hsts_policies WHERE host=%Q;"
enum {
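Review bot: `%u` in QUERY_INSERT still formats a 32-bit `unsigned int`, so this change moves the limit rather than removing it. The `sqlite3_mprintf` call and the types of the max_age and expiry arguments are outside this hunk; if they are `unsigned long` or derived from `time_t`, the specifier does not match the argument on LP64 platforms, and an expiry above 2^32-1 would still be stored wrong. A truncated or wrapped expiry can make a persisted HSTS policy look expired when it is reloaded, so the host silently loses its HTTPS-only protection. Consider `%lu`/`%llu` chosen to match the real argument types (with an explicit cast at the call site), or binding the values with `sqlite3_bind_int64` on a prepared statement.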
diff --git a/tests/hsts-db-test.c b/tests/hsts-db-test.c
index 9ae37e65..cee5dd32 100644
--- a/tests/hsts-db-test.c
+++ b/tests/hsts-db-test.c
@@ -47,6 +47,11 @@ server_callback (SoupServer *server, SoupMessage *msg,
"Strict-Transport-Security",
"max-age=31536000; includeSubDomains");
}
+ else if (strcmp (path, "/very-long-lasting") == 0) {
+ soup_message_headers_append (msg->response_headers,
+ "Strict-Transport-Security",
+ "max-age=631138519");
+ }
}
}
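Review bot: `max-age=631138519` is below 2^31, so the max_age column itself would have fit in `%d`; presumably it was the expiry (current time plus max-age) that crossed the signed 32-bit limit. A one-line comment on the new `/very-long-lasting` branch would keep the value from looking arbitrary, e.g. `/* now + max-age exceeds G_MAXINT32; this is the case the %d write got wrong */`. The test also leaves max-age values above 2^31 and above 2^32 uncovered, which is where `%u` would fail next. server_callback starts outside this hunk.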
@@ -139,6 +144,21 @@ do_hsts_db_subdomains_test (void)
g_remove (DB_FILE);
}
+static void
+do_hsts_db_large_max_age_test (void)
+{
+ SoupSession *session = hsts_db_session_new ();
+ session_get_uri (session, "https://localhost/very-long-lasting", SOUP_STATUS_OK);
+ session_get_uri (session, "http://localhost", SOUP_STATUS_OK);
+ soup_test_session_abort_unref (session);
+
+ session = hsts_db_session_new ();
+ session_get_uri (session, "http://localhost", SOUP_STATUS_OK);
+ soup_test_session_abort_unref (session);
+
+ g_remove (DB_FILE);
+}
+
int
main (int argc, char **argv)
{
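Review bot: do_hsts_db_large_max_age_test has no comment saying what each request proves, and the second session is the part that actually checks the database. Presumably session_get_uri expects the `http://localhost` request to be upgraded by the stored policy, but that helper is outside this hunk. I would add `/* fresh session: the policy can only come from DB_FILE, so this fails if max-age/expiry were written wrong */` above the second `hsts_db_session_new ()`. main begins in this hunk and continues past it.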
@@ -160,6 +180,7 @@ main (int argc, char **argv)
g_test_add_func ("/hsts-db/basic", do_hsts_db_persistency_test);
g_test_add_func ("/hsts-db/subdomains", do_hsts_db_subdomains_test);
+ g_test_add_func ("/hsts-db/large-max-age", do_hsts_db_large_max_age_test);
ret = g_test_run ();