Bug 685192 - In RFC2231/5987 encoding, a missing charset field should be treated as error; r=bz
authorJulian Reschke <julian.reschke@gmx.de>
Sat, 15 Oct 2011 21:07:09 +0100
changeset 79458 fa04ab6995e555ae3f8cf170811c5f022bace71b
parent 79457 b0d1d740821db3080b4497a1c5aa1fcdd560c229
child 79459 77a0851eda764c5525ec726ae6e36dc1b479ae9e
push id506
push userclegnitto@mozilla.com
push dateWed, 09 Nov 2011 02:03:18 +0000
treeherdermozilla-aurora@63587fc7bb93 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs685192
milestone10.0a1
Bug 685192 - In RFC2231/5987 encoding, a missing charset field should be treated as error; r=bz
netwerk/mime/nsMIMEHeaderParamImpl.cpp
netwerk/test/unit/test_MIME_params.js
--- a/netwerk/mime/nsMIMEHeaderParamImpl.cpp
+++ b/netwerk/mime/nsMIMEHeaderParamImpl.cpp
@@ -372,22 +372,29 @@ nsMIMEHeaderParamImpl::DoParameterIntern
         // Two single quotation marks must be present even in
         // absence of charset and lang.
         if (!sQuote1 || !sQuote2) {
           // log the warning and skip to next parameter
           NS_WARNING("Mandatory two single quotes are missing in header parameter, parameter ignored\n");
           goto increment_str;
         }
 
-        if (aCharset && sQuote1 > valueStart && sQuote1 < valueEnd)
-        {
+        // charset part is required
+        if (! (sQuote1 > valueStart && sQuote1 < valueEnd)) {
+          // log the warning and skip to next parameter
+          NS_WARNING("Mandatory charset part missing in header parameter, parameter ignored\n");
+          goto increment_str;
+        }
+        
+        if (aCharset) {
           *aCharset = (char *) nsMemory::Clone(valueStart, sQuote1 - valueStart + 1);
           if (*aCharset) 
             *(*aCharset + (sQuote1 - valueStart)) = 0;
         }
+        
         if (aLang && sQuote2 > sQuote1 + 1 && sQuote2 < valueEnd)
         {
           *aLang = (char *) nsMemory::Clone(sQuote1 + 1, sQuote2 - (sQuote1 + 1) + 1);
           if (*aLang) 
             *(*aLang + (sQuote2 - (sQuote1 + 1))) = 0;
         }
   
         if (sQuote2 + 1 < valueEnd)
--- a/netwerk/test/unit/test_MIME_params.js
+++ b/netwerk/test/unit/test_MIME_params.js
@@ -247,16 +247,27 @@ var tests = [
   // the actual bug, without 2231/5987 encoding
   ["attachment; filename X", 
    "attachment", Cr.NS_ERROR_INVALID_ARG],
 
   // sanity check with WS on both sides
   ["attachment; filename = foo-A.html", 
    "attachment", "foo-A.html"],   
 
+  // Bug 685192: in RFC2231/5987 encoding, a missing charset field should be
+  // treated as error 
+
+  // the actual bug
+  ["attachment; filename*=''foo", 
+   "attachment", Cr.NS_ERROR_INVALID_ARG],      
+
+  // sanity check
+  ["attachment; filename*=a''foo", 
+   "attachment", "foo"],      
+
   // Bug 692574: RFC2231/5987 decoding should not tolerate missing single
   // quotes
 
   // one missing
   ["attachment; filename*=UTF-8'foo-%41.html", 
    "attachment", Cr.NS_ERROR_INVALID_ARG],
 
   // both missing