From 7ec8373d06e66e3ddb543b80b50dd9ead1f3874b Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Fri, 7 Dec 2012 12:49:20 +0000
Subject: [PATCH] Reject URLs with invalid port

Previously they were parsed incorrectly and characters between
the port number and the first slash were silently dropped as
shown by curl test 187.
---
 urlmatch.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/urlmatch.c b/urlmatch.c
index b5001af5..2886f27b 100644
--- a/urlmatch.c
+++ b/urlmatch.c
@@ -1,4 +1,4 @@
-const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.72 2012/07/23 12:42:53 fabiankeil Exp $";
+const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.73 2012/11/29 09:57:39 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/urlmatch.c,v $
@@ -382,9 +382,18 @@ jb_err parse_http_url(const char *url, struct http_request *http, int require_pr
       if (port != NULL)
       {
          /* Contains port */
+         char *endptr;
+         long parsed_port;
          /* Terminate hostname and point to start of port string */
          *port++ = '\0';
-         http->port = atoi(port);
+         parsed_port = strtol(port, &endptr, 10);
+         if ((parsed_port <= 0) || (parsed_port > 65535) || (*endptr != '\0'))
+         {
+            log_error(LOG_LEVEL_ERROR, "Invalid port in URL: %s.", url);
+            freez(buf);
+            return JB_ERR_PARSE;
+         }
+         http->port = (int)parsed_port;
       }
       else
       {
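Review bot: The new check still accepts a port that starts with whitespace or a sign, because `strtol()` skips leading whitespace and consumes an optional `+`/`-` before the digits, so a value such as `+80` passes both the range test and the `*endptr` test. For a proxy this matters because the next hop may parse the same authority differently; requiring a leading digit closes the gap, e.g. `if (!isdigit((unsigned char)*port) || (parsed_port <= 0) || (parsed_port > 65535) || (*endptr != '\0'))`. The error path also logs the client-supplied `url` verbatim, and whether `log_error()` escapes control characters is not visible here, so that is worth confirming. `parse_http_url()` begins and ends outside the hunk, so the allocation of `buf` that the new `freez(buf)` releases cannot be checked from these lines.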
-- 
2.49.0