From 4a150dd91c25ff36e1604fedb5354033d90a2049 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 2 Sep 2013 21:34:09 +0200
Subject: sanitize uriparse output

---
 util/bin/uriparse                | 16 ++++++++--------
 util/t/uriparse/parse-retard-uri | 13 +++++++++++++
 util/t/uriparse/parse-url        |  5 +++--
 3 files changed, 24 insertions(+), 10 deletions(-)
 create mode 100755 util/t/uriparse/parse-retard-uri

(limited to 'util')

diff --git a/util/bin/uriparse b/util/bin/uriparse
index 685b1ab1..b16bd9c8 100755
--- a/util/bin/uriparse
+++ b/util/bin/uriparse
@@ -1,6 +1,6 @@
 #!/usr/bin/python
-import os
-from sys import argv,exit
+from sys import argv, exit
+
 
 def uri_parser(uri):
     try:
@@ -17,12 +17,12 @@ if __name__ == "__main__":
         print('usage: %s URI')
         exit(1)
     u = uri_parser(uri)
-    
-    print('SCHEME="%s"' % u.scheme)
+
+    print("SCHEME='%s'" % u.scheme.replace("'", "'\\''"))
     if u.username:
-        print('USERNAME="%s"' % u.username)
+        print("USERNAME='%s'" % u.username.replace("'", "'\\''"))
     if u.password:
-        print('PASSWORD="%s"' % u.password)
+        print("PASSWORD='%s'" % u.password.replace("'", "'\\''"))
     if u.path:
-        print('URIPATH="%s"' % u.path)
-    print('HOSTNAME="%s"' % u.hostname)
+        print("URIPATH='%s'" % u.path.replace("'", "'\\''"))
+    print("HOSTN='%s'" % u.hostname.replace("'", "'\\''"))
diff --git a/util/t/uriparse/parse-retard-uri b/util/t/uriparse/parse-retard-uri
new file mode 100755
index 00000000..14aab28e
--- /dev/null
+++ b/util/t/uriparse/parse-retard-uri
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -euf
+tempfile="`mktemp /tmp/test.XXXXXXXX`"
+trap "/bin/rm -f $tempfile" EXIT INT
+
+uriparse "http://'lolwut:\"khan@domain.tld/'''" > $tempfile
+. $tempfile
+[ $HOSTN == "domain.tld" ] && \
+    [ "$USERNAME" == "'lolwut" ] && \
+    [ "$PASSWORD" == '"khan' ] && \
+    [ "$URIPATH" == "/'''" ] 
+
+
diff --git a/util/t/uriparse/parse-url b/util/t/uriparse/parse-url
index 153afb4a..b0c926ca 100755
--- a/util/t/uriparse/parse-url
+++ b/util/t/uriparse/parse-url
@@ -3,10 +3,11 @@ set -euf
 tempfile="`mktemp /tmp/test.XXXXXXXX`"
 trap "/bin/rm -f $tempfile" EXIT INT
 
-urlparse "http://user:pass@domain.tld/path" > $tempfile
+uriparse "http://user:pass@domain.tld/path" > $tempfile
 . $tempfile
-[ $HOSTNAME == "domain.tld" ] && \
+[ $HOSTN == "domain.tld" ] && \
     [ $USERNAME == "user" ] && \
     [ $PASSWORD == "pass" ] && \
     [ $URIPATH == "/path" ] 
 
+
-- 
cgit v1.2.3