From 270b4f030a07a0ff3ad80e4ae5495ad89b4096ef Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 3 Sep 2013 11:37:04 -0400
Subject: [PATCH] Handle HTTP minor versions greater than 9

(In practice they don't exist, but so long as we're making changes for
standards compliance...)

Also add several more unit tests for good and bad URL types.
---
 src/or/directory.c  | 12 +++++++++---
 src/test/test_dir.c | 37 +++++++++++++++++++++++++++++++++----
 2 files changed, 42 insertions(+), 7 deletions(-)

diff --git a/src/or/directory.c b/src/or/directory.c
index 58ce0cf838..099df50d07 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1417,10 +1417,16 @@ parse_http_url(const char *headers, char **url)
   }
 
   /* Check if the header is well formed (next sequence
-  * should be HTTP/1.X\r\n). Assumes we're supporting 1.0? */
+   * should be HTTP/1.X\r\n). Assumes we're supporting 1.0? */
   char *e = (char *)eat_whitespace_no_nl(s);
-  if (strcmpstart(e, "HTTP/1.") || !(*(e+8) == '\r')) {
-   return -1;
+  {
+    unsigned minor_ver;
+    char ch;
+    if (2 != tor_sscanf(e, "HTTP/1.%u%c", &minor_ver, &ch)) {
+      return -1;
+    }
+    if (ch != '\r')
+      return -1;
   }
 
   if (s-start < 5 || strcmpstart(start,"/tor/")) { /* need to rewrite it */
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 05e13b5741..0292cbd667 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -2380,7 +2380,15 @@ test_dir_http_handling(void *args)
   test_streq(url, "/tor/a/b/c.txt");
   tor_free(url);
 
-  /* Should prepends '/tor/' to url if required */
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.0\r\n", &url), 0);
+  test_streq(url, "/tor/a/b/c.txt");
+  tor_free(url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.600\r\n", &url), 0);
+  test_streq(url, "/tor/a/b/c.txt");
+  tor_free(url);
+
+  /* Should prepend '/tor/' to url if required */
   test_eq(parse_http_url("GET /a/b/c.txt HTTP/1.1\r\n"
                            "Host: example.com\r\n"
                            "User-Agent: Mozilla/5.0 (Windows;"
@@ -2389,6 +2397,14 @@ test_dir_http_handling(void *args)
   test_streq(url, "/tor/a/b/c.txt");
   tor_free(url);
 
+  /* Bad headers -- no HTTP/1.x*/
+  test_eq(parse_http_url("GET /a/b/c.txt\r\n"
+                           "Host: example.com\r\n"
+                           "User-Agent: Mozilla/5.0 (Windows;"
+                           " U; Windows NT 6.1; en-US; rv:1.9.1.5)\r\n",
+                           &url), -1);
+  tt_assert(!url);
+
   /* Bad headers */
   test_eq(parse_http_url("GET /a/b/c.txt\r\n"
                            "Host: example.com\r\n"
@@ -2397,10 +2413,23 @@ test_dir_http_handling(void *args)
                            &url), -1);
   tt_assert(!url);
 
-  /* TODO: more http handling tests */
+  test_eq(parse_http_url("GET /tor/a/b/c.txt", &url), -1);
+  tt_assert(!url);
 
-  done:
-    ;
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.1", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.1x\r\n", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.\r", &url), -1);
+  tt_assert(!url);
+
+ done:
+  tor_free(url);
 }
 
 #define DIR_LEGACY(name)                                                   \