curl-library
Re: Misterious URL behavior when using local variables to pass it
Date: Tue, 23 Nov 2010 23:07:48 -0800
On Tue, Nov 23, 2010 at 04:54:57PM -0500, Paulo Garcia wrote:
> I'm creating a C++ application (Windows 7 32 bits/VS 2010) and I'm
> having an interesting behavior.
>
> Basically I'm trying to grab files from depositfile.com directly. If I
> set my URL like this:
>
>
> char localUrl[MAX_FILEPATH];
> sprintf(localUrl,"http://depositfiles.com%s", redirection);
> curl_easy_setopt(handle, CURLOPT_URL, localUrl);
> res = curl_easy_perform(handle);
>
> I get an error "400 Bad Request".
>
> But, if I send exactly the same URL as constant, like this:
>
> curl_easy_setopt(handle, CURLOPT_URL,
> "http://depositfiles.com/en/files/6kpdasddasa3svf");
>
> I get the right page!
>
> I have checked the content of localUrl before calling the
> curl_easy_perform() function, and it is exactly the same (using
> debug).
>
> I cannot see what's wrong.
>
> Any ideas?
MAX_FILEPATH isn't a very good constant to use as the size of a URL buffer,
since it relates to the filesystem in use on the local system and has nothing
to do with URLs. It could be that the sprintf is overwriting the end of
the buffer and the last part of the buffer is being clobbered by the
time it's being used by libcurl. Try using a buffer that's known to be
large enough, and use snprintf/ _snprintf/strlcat to append the location,
checking that the operation succeeds. Enable libcurl tracing and see exactly
what URL is being requested on the way out.
Note also that creating a URL this way is unsafe in at least two ways:
the buffer could be overwritten by a long Location: string returned by
the remote server (I'm assuming that's what "redirection" holds) allowing
a stack smashing attack and possible arbitrary code execution, and the
way this code builds the string opens you to redirections to completely
different sites (e.g. if "redirection" is .badserver.biz/badfile.exe you'll
be redirected to http://depositfiles.com.badserver.biz/badfile.exe, on a
completely different domain). Please read the Security Considerations
section in the libcurl-tutorial(3) man page.
>>> Dan
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-11-24