212393 2020-05-26 17:34:33 -0700 UTF-8 encode strings of invalid URLs when converting WTF::URL to NSURL instead of truncating the UTF-16 encoding 2020-05-28 17:46:21 -0700 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 achristensen achristensen benjamin cdumez cmarcelo darin ews-watchlist thorton webkit-bug-importer oldest_to_newest 1656233 0 achristensen 2020-05-26 17:34:33 -0700 UTF-8 encode strings of invalid URLs when converting WTF::URL to NSURL instead of truncating the UTF-16 encoding 1656237 1 400289 achristensen 2020-05-26 17:41:50 -0700 Created attachment 400289 Patch 1656245 2 ews-feeder 2020-05-26 18:49:00 -0700 Committed r262171: <https://trac.webkit.org/changeset/262171> All reviewed patches have been landed. Closing bug and clearing flags on attachment 400289. 1656246 3 webkit-bug-importer 2020-05-26 18:49:14 -0700 <rdar://problem/63655013> 1656490 4 400289 darin 2020-05-27 11:49:10 -0700 Comment on attachment 400289 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=400289&action=review > Source/WTF/wtf/cf/URLCF.cpp:59 > + RetainPtr<CFURLRef> cfURL; > + if (LIKELY(m_string.is8Bit())) > + cfURL = WTF::createCFURLFromBuffer(reinterpret_cast<const char*>(m_string.characters8()), m_string.length()); > + else { > + CString utf8 = m_string.utf8(); > + cfURL = WTF::createCFURLFromBuffer(utf8.data(), utf8.length()); > + } On reflection, this code is really not quite right. If we have non-ASCII Latin-1 characters, they will great treated as Latin-1, not UTF-8. But only if the string happens to be stored 8-bit, which is an implementation detail. Handling of those characters should *not* be different based on whether the string is 8-bit or not. Sadly, I think we need the more expensive "isAllASCII" check. Test string would be "http://\xb6", both as an 8-bit string and a 16-bit string. Needs to give the same results in both cases. > Source/WTF/wtf/cocoa/URLCocoa.mm:77 > if (LIKELY(m_string.is8Bit())) > cfURL = WTF::createCFURLFromBuffer(reinterpret_cast<const char*>(m_string.characters8()), m_string.length()); > else { > - // Slower path. > - WTF::URLCharBuffer buffer; > - copyToBuffer(buffer); > - cfURL = WTF::createCFURLFromBuffer(buffer.data(), buffer.size()); > + CString utf8 = m_string.utf8(); > + cfURL = WTF::createCFURLFromBuffer(utf8.data(), utf8.length()); > } Same problem. 1656649 5 achristensen 2020-05-27 15:51:54 -0700 "http://\xb6" would be canonicalized to "http://xn--tba/" then it would be ASCII as all valid URLs are. This change only applied to invalid URLs containing non-ASCII characters. If you'd like, we can add the test I'm about to upload to verify correct behavior, but I think they behave correctly. 1656650 6 400398 achristensen 2020-05-27 15:52:36 -0700 Created attachment 400398 add more tests 1656717 7 400398 darin 2020-05-27 18:24:21 -0700 Comment on attachment 400398 add more tests I don’t understand why this works, since the code does not do the same thing with 8-bit and 16-bit strings. 1656718 8 darin 2020-05-27 18:25:55 -0700 In one case we pass a string with one byte, 0xB6, in it. In the other we pass a string with two bytes, 0xC2 0xB6, in it. Does WTF::createCFURLFromBuffer make the same URL in both cases? If so, how does it do that? 1656765 9 400398 achristensen 2020-05-27 21:55:22 -0700 Comment on attachment 400398 add more tests We do pass one code point as input, U+00B6. The output of NSURL parsing that is the percent-encoded UTF-8 encoding of that code point, %C2%B6, which is the same in both cases. bugs.webkit.org's review tool is showing the UTF-8 encoding of my test case on line 216, but that's one character. 1656856 10 darin 2020-05-28 08:21:04 -0700 Sorry. I still don’t understand. WTF::createCFURLFromBuffer creates the same URL if you pass it: { 0xB6 } And if you pass it: { 0xC2, 0xB6 } Really? 1656921 11 achristensen 2020-05-28 10:54:33 -0700 If you pass createCFURLFromBuffer { 0xB6 }, then the CFURLRef constructor will UTF-8 encode then percent encode that, resulting in %C2%B6. This happens if you call createCFURL() on a URL that has an 8-bit or a 16-bit String containing only the character U+00B6. This is what you see in the patch named "add more tests". The reason you think you see 2 characters in my code is because the code review tool UTF-8 encodes 0xB6 also. If you pass createCFURLFromBuffer { 0xC2, 0xB6 }, then it will UTF-8 encode then percent encode that, resulting in %C3%82%C2%B6 1656923 12 darin 2020-05-28 10:57:04 -0700 (In reply to Alex Christensen from comment #11) > If you pass createCFURLFromBuffer { 0xC2, 0xB6 }, then it will UTF-8 encode > then percent encode that, resulting in %C3%82%C2%B6 OK, so then if I create a WTF::String containing the character U+00B6, but it’s a 16-bit string, then this code will run: CString utf8 = m_string.utf8(); cfURL = WTF::createCFURLFromBuffer(utf8.data(), utf8.length()); The value of 'utf8' will be { 0xC2, 0xB6 }, and it will call WTF::createCFURLFromBuffer and result in %C3%82%C2%B6. But that should not be handled any differently from an 8-bit string containing the character U+00B6. What’s wrong in the story above? Why doesn’t a test case show this problem? 1656924 13 achristensen 2020-05-28 10:59:58 -0700 Ah, this is because createCFURLFromBuffer first tries to decode the string as UTF-8 if it can then as Latin1. We should pass createCFURLFromBuffer an encoding to use instead of having it try one then the other. I think I would have to write a fuzzer to come up with a test case that produced different results if there is one. 1656963 14 darin 2020-05-28 12:35:38 -0700 Got it! So to show the bug, what we need is a Latin-1 sequence that is also a valid UTF-8 sequence. The test case would be U+00C2, U+00B6. That would give different CFURL results if passed as an 8-bit string and a 16-bit string. 1657111 15 achristensen 2020-05-28 17:46:21 -0700 Fixing in https://bugs.webkit.org/show_bug.cgi?id=212486 400289 2020-05-26 17:41:50 -0700 2020-05-26 18:49:01 -0700 Patch bug-212393-20200526174149.patch text/plain 6713 achristensen SW5kZXg6IFNvdXJjZS9XVEYvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XVEYvQ2hh bmdlTG9nCShyZXZpc2lvbiAyNjIxMjcpCisrKyBTb3VyY2UvV1RGL0NoYW5nZUxvZwkod29ya2lu ZyBjb3B5KQpAQCAtMSwzICsxLDI0IEBACisyMDIwLTA1LTI2ICBBbGV4IENocmlzdGVuc2VuICA8 YWNocmlzdGVuc2VuQHdlYmtpdC5vcmc+CisKKyAgICAgICAgVVRGLTggZW5jb2RlIHN0cmluZ3Mg b2YgaW52YWxpZCBVUkxzIHdoZW4gY29udmVydGluZyBXVEY6OlVSTCB0byBOU1VSTCBpbnN0ZWFk IG9mIHRydW5jYXRpbmcgdGhlIFVURi0xNiBlbmNvZGluZworICAgICAgICBodHRwczovL2J1Z3Mu d2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjEyMzkzCisgICAgICAgIDxyZGFyOi8vcHJvYmxl bS82MzA5NTUwMz4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAg ICAgICBUaGlzIG9ubHkgY2hhbmdlcyBiZWhhdmlvciBpbiBjb2RlIHRoYXQgaXMgbWFya2VkIGFz IFVOTElLRUxZIGJlY2F1c2UgaXQgY2FuIG9ubHkgYmUgcmVhY2hlZCBieSBpbnZhbGlkIHVuaWNv ZGUgVVJMcywKKyAgICAgICAgYnV0IGl0IGNhbiBiZSByZWFjaGVkIGFuZCBzaG91bGQgYmVoYXZl IGluIGEgcmVhc29uYWJsZSBtYW5uZXIgaW4gdGhvc2UgY2FzZXMuICBUaGlzIG1ha2VzIFNhZmFy aSBiZWhhdmUgbW9yZSBzaW1pbGFybHkKKyAgICAgICAgdG8gRmlyZWZveCBpbiB0aGlzIGNhc2Ug aW5zdGVhZCBvZiBkb2luZyBzb21ldGhpbmcgc2ltaWxhciB0byBubyBvdGhlciBicm93c2VyLgor CisgICAgICAgICogd3RmL1VSTC5jcHA6CisgICAgICAgIChXVEY6OmNvcHlBU0NJSSk6IERlbGV0 ZWQuCisgICAgICAgIChXVEY6OlVSTDo6Y29weVRvQnVmZmVyIGNvbnN0KTogRGVsZXRlZC4KKyAg ICAgICAgKiB3dGYvVVJMLmg6CisgICAgICAgICogd3RmL2NmL1VSTENGLmNwcDoKKyAgICAgICAg KFdURjo6VVJMOjpjcmVhdGVDRlVSTCBjb25zdCk6CisgICAgICAgICogd3RmL2NvY29hL1VSTENv Y29hLm1tOgorICAgICAgICAoV1RGOjpVUkw6OmNyZWF0ZUNGVVJMIGNvbnN0KToKKwogMjAyMC0w NS0yMiAgRGF2aWQgS2lsemVyICA8ZGRraWx6ZXJAYXBwbGUuY29tPgogCiAgICAgICAgIFdURjo6 aXNWYWxpZEVudW0oKSBoYXMgYSB0eXBvIGluIHN0YXRpY19hc3NlcnQgbWFraW5nIGl0IGEgdGF1 dG9sb2dpY2FsIGNvbXBhcmlzb24KSW5kZXg6IFNvdXJjZS9XVEYvd3RmL1VSTC5jcHAKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gU291cmNlL1dURi93dGYvVVJMLmNwcAkocmV2aXNpb24gMjYyMTI3KQorKysgU291 cmNlL1dURi93dGYvVVJMLmNwcAkod29ya2luZyBjb3B5KQpAQCAtNDEsMjAgKzQxLDYgQEAKIAog bmFtZXNwYWNlIFdURiB7CiAKLS8vIENvcGllcyB0aGUgc291cmNlIHRvIHRoZSBkZXN0aW5hdGlv biwgYXNzdW1pbmcgYWxsIHRoZSBzb3VyY2UgY2hhcmFjdGVycyBhcmUgQVNDSUkuCi0vLyBUaGUg ZGVzdGluYXRpb24gYnVmZmVyIG11c3QgYmUgbGFyZ2UgZW5vdWdoLiBOdWxsIGNoYXJhY3RlcnMg YXJlIGFsbG93ZWQgaW4gdGhlCi0vLyBzb3VyY2Ugc3RyaW5nLCBhbmQgbm8gYXR0ZW1wdCBpcyBt YWRlIHRvIG51bGwtdGVybWluYXRlIHRoZSBkZXN0aW5hdGlvbiBidWZmZXIuCi1zdGF0aWMgdm9p ZCBjb3B5QVNDSUkoY29uc3QgU3RyaW5nJiBzdHJpbmcsIGNoYXIqIGRlc3RpbmF0aW9uKQotewot ICAgIGlmIChzdHJpbmcuaXM4Qml0KCkpCi0gICAgICAgIG1lbWNweShkZXN0aW5hdGlvbiwgc3Ry aW5nLmNoYXJhY3RlcnM4KCksIHN0cmluZy5sZW5ndGgoKSk7Ci0gICAgZWxzZSB7Ci0gICAgICAg IGF1dG8gc291cmNlID0gc3RyaW5nLmNoYXJhY3RlcnMxNigpOwotICAgICAgICBmb3IgKHVuc2ln bmVkIGkgPSAwLCBsZW5ndGggPSBzdHJpbmcubGVuZ3RoKCk7IGkgPCBsZW5ndGg7IGkrKykKLSAg ICAgICAgICAgIGRlc3RpbmF0aW9uW2ldID0gc3RhdGljX2Nhc3Q8Y2hhcj4oc291cmNlW2ldKTsK LSAgICB9Ci19Ci0KIHZvaWQgVVJMOjppbnZhbGlkYXRlKCkKIHsKICAgICBtX2lzVmFsaWQgPSBm YWxzZTsKQEAgLTczOCwxNCArNzI0LDYgQEAgYm9vbCBVUkw6OmlzSGllcmFyY2hpY2FsKCkgY29u c3QKICAgICByZXR1cm4gbV9zdHJpbmdbbV9zY2hlbWVFbmQgKyAxXSA9PSAnLyc7CiB9CiAKLXZv aWQgVVJMOjpjb3B5VG9CdWZmZXIoVmVjdG9yPGNoYXIsIDUxMj4mIGJ1ZmZlcikgY29uc3QKLXsK LSAgICAvLyBGSVhNRTogVGhpcyB0aHJvd3MgYXdheSB0aGUgaGlnaCBieXRlcyBvZiBhbGwgdGhl IGNoYXJhY3RlcnMgaW4gdGhlIHN0cmluZyEKLSAgICAvLyBUaGF0J3MgZmluZSBmb3IgYSB2YWxp ZCBVUkwsIHdoaWNoIGlzIGFsbCBBU0NJSSwgYnV0IG5vdCBmb3IgaW52YWxpZCBVUkxzLgotICAg IGJ1ZmZlci5yZXNpemUobV9zdHJpbmcubGVuZ3RoKCkpOwotICAgIGNvcHlBU0NJSShtX3N0cmlu ZywgYnVmZmVyLmRhdGEoKSk7Ci19Ci0KIHN0YXRpYyBib29sIHByb3RvY29sSXNJbnRlcm5hbChT dHJpbmdWaWV3IHN0cmluZywgY29uc3QgY2hhciogcHJvdG9jb2wpCiB7CiAgICAgYXNzZXJ0UHJv dG9jb2xJc0dvb2QocHJvdG9jb2wpOwpJbmRleDogU291cmNlL1dURi93dGYvVVJMLmgKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gU291cmNlL1dURi93dGYvVVJMLmgJKHJldmlzaW9uIDI2MjEyNykKKysrIFNvdXJj ZS9XVEYvd3RmL1VSTC5oCSh3b3JraW5nIGNvcHkpCkBAIC0xODgsNyArMTg4LDYgQEAgcHJpdmF0 ZToKICAgICBmcmllbmQgY2xhc3MgVVJMUGFyc2VyOwogCiAgICAgV1RGX0VYUE9SVF9QUklWQVRF IHZvaWQgaW52YWxpZGF0ZSgpOwotICAgIHZvaWQgY29weVRvQnVmZmVyKFZlY3RvcjxjaGFyLCA1 MTI+JiBidWZmZXIpIGNvbnN0OwogICAgIHVuc2lnbmVkIGhvc3RTdGFydCgpIGNvbnN0OwogICAg IHVuc2lnbmVkIGNyZWRlbnRpYWxzRW5kKCkgY29uc3Q7CiAgICAgdm9pZCByZW1vdmUodW5zaWdu ZWQgc3RhcnQsIHVuc2lnbmVkIGxlbmd0aCk7CkluZGV4OiBTb3VyY2UvV1RGL3d0Zi9jZi9VUkxD Ri5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dURi93dGYvY2YvVVJMQ0YuY3BwCShyZXZpc2lv biAyNjIxMjcpCisrKyBTb3VyY2UvV1RGL3d0Zi9jZi9VUkxDRi5jcHAJKHdvcmtpbmcgY29weSkK QEAgLTUwLDEyICs1MCwxMyBAQCBVUkw6OlVSTChDRlVSTFJlZiB1cmwpCiAjaWYgIVVTRShGT1VO REFUSU9OKQogUmV0YWluUHRyPENGVVJMUmVmPiBVUkw6OmNyZWF0ZUNGVVJMKCkgY29uc3QKIHsK LSAgICAvLyBGSVhNRTogV2hhdCBzaG91bGQgdGhpcyByZXR1cm4gZm9yIGludmFsaWQgVVJMcz8K LSAgICAvLyBDdXJyZW50bHkgaXQgdGhyb3dzIGF3YXkgdGhlIGhpZ2ggYnl0ZXMgb2YgdGhlIGNo YXJhY3RlcnMgaW4gdGhlIHN0cmluZyBpbiB0aGF0IGNhc2UsCi0gICAgLy8gd2hpY2ggaXMgY2xl YXJseSB3cm9uZy4KLSAgICBVUkxDaGFyQnVmZmVyIGJ1ZmZlcjsKLSAgICBjb3B5VG9CdWZmZXIo YnVmZmVyKTsKLSAgICBhdXRvIGNmVVJMID0gY3JlYXRlQ0ZVUkxGcm9tQnVmZmVyKGJ1ZmZlci5k YXRhKCksIGJ1ZmZlci5zaXplKCkpOworICAgIFJldGFpblB0cjxDRlVSTFJlZj4gY2ZVUkw7Cisg ICAgaWYgKExJS0VMWShtX3N0cmluZy5pczhCaXQoKSkpCisgICAgICAgIGNmVVJMID0gV1RGOjpj cmVhdGVDRlVSTEZyb21CdWZmZXIocmVpbnRlcnByZXRfY2FzdDxjb25zdCBjaGFyKj4obV9zdHJp bmcuY2hhcmFjdGVyczgoKSksIG1fc3RyaW5nLmxlbmd0aCgpKTsKKyAgICBlbHNlIHsKKyAgICAg ICAgQ1N0cmluZyB1dGY4ID0gbV9zdHJpbmcudXRmOCgpOworICAgICAgICBjZlVSTCA9IFdURjo6 Y3JlYXRlQ0ZVUkxGcm9tQnVmZmVyKHV0ZjguZGF0YSgpLCB1dGY4Lmxlbmd0aCgpKTsKKyAgICB9 CiAKICAgICBpZiAocHJvdG9jb2xJc0luSFRUUEZhbWlseSgpICYmICFpc0NGVVJMU2FtZU9yaWdp bihjZlVSTC5nZXQoKSwgKnRoaXMpKQogICAgICAgICByZXR1cm4gbnVsbHB0cjsKSW5kZXg6IFNv dXJjZS9XVEYvd3RmL2NvY29hL1VSTENvY29hLm1tCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XVEYv d3RmL2NvY29hL1VSTENvY29hLm1tCShyZXZpc2lvbiAyNjIxMjcpCisrKyBTb3VyY2UvV1RGL3d0 Zi9jb2NvYS9VUkxDb2NvYS5tbQkod29ya2luZyBjb3B5KQpAQCAtNjksMTUgKzY5LDExIEBAIFJl dGFpblB0cjxDRlVSTFJlZj4gVVJMOjpjcmVhdGVDRlVSTCgpIGMKICAgICB9CiAKICAgICBSZXRh aW5QdHI8Q0ZVUkxSZWY+IGNmVVJMOwotCi0gICAgLy8gRmFzdCBwYXRoIGlmIHRoZSBpbnB1dCBk YXRhIGlzIDgtYml0IHRvIGF2b2lkIGNvcHlpbmcgaW50byBhIHRlbXBvcmFyeSBidWZmZXIuCiAg ICAgaWYgKExJS0VMWShtX3N0cmluZy5pczhCaXQoKSkpCiAgICAgICAgIGNmVVJMID0gV1RGOjpj cmVhdGVDRlVSTEZyb21CdWZmZXIocmVpbnRlcnByZXRfY2FzdDxjb25zdCBjaGFyKj4obV9zdHJp bmcuY2hhcmFjdGVyczgoKSksIG1fc3RyaW5nLmxlbmd0aCgpKTsKICAgICBlbHNlIHsKLSAgICAg ICAgLy8gU2xvd2VyIHBhdGguCi0gICAgICAgIFdURjo6VVJMQ2hhckJ1ZmZlciBidWZmZXI7Ci0g ICAgICAgIGNvcHlUb0J1ZmZlcihidWZmZXIpOwotICAgICAgICBjZlVSTCA9IFdURjo6Y3JlYXRl Q0ZVUkxGcm9tQnVmZmVyKGJ1ZmZlci5kYXRhKCksIGJ1ZmZlci5zaXplKCkpOworICAgICAgICBD U3RyaW5nIHV0ZjggPSBtX3N0cmluZy51dGY4KCk7CisgICAgICAgIGNmVVJMID0gV1RGOjpjcmVh dGVDRlVSTEZyb21CdWZmZXIodXRmOC5kYXRhKCksIHV0ZjgubGVuZ3RoKCkpOwogICAgIH0KIAog ICAgIGlmIChwcm90b2NvbElzSW5IVFRQRmFtaWx5KCkgJiYgIVdURjo6aXNDRlVSTFNhbWVPcmln aW4oY2ZVUkwuZ2V0KCksICp0aGlzKSkKSW5kZXg6IFRvb2xzL0NoYW5nZUxvZwo9PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 Ci0tLSBUb29scy9DaGFuZ2VMb2cJKHJldmlzaW9uIDI2MjE2OSkKKysrIFRvb2xzL0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE0IEBACisyMDIwLTA1LTI2ICBBbGV4IENocmlz dGVuc2VuICA8YWNocmlzdGVuc2VuQHdlYmtpdC5vcmc+CisKKyAgICAgICAgVVRGLTggZW5jb2Rl IHN0cmluZ3Mgb2YgaW52YWxpZCBVUkxzIHdoZW4gY29udmVydGluZyBXVEY6OlVSTCB0byBOU1VS TCBpbnN0ZWFkIG9mIHRydW5jYXRpbmcgdGhlIFVURi0xNiBlbmNvZGluZworICAgICAgICBodHRw czovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjEyMzkzCisgICAgICAgIDxyZGFy Oi8vcHJvYmxlbS82MzA5NTUwMz4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMh KS4KKworICAgICAgICAqIFRlc3RXZWJLaXRBUEkvVGVzdHMvV1RGL2NvY29hL1VSTEV4dHJhcy5t bToKKyAgICAgICAgKFRlc3RXZWJLaXRBUEk6OlRFU1QpOgorCiAyMDIwLTA1LTI2ICBNYXJrIExh bSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KIAogICAgICAgICBFbmhhbmNlIEJpdG1hcDo6c2V0RWFj aE50aEJpdCgpIHRvIGFsc28gdGFrZSBhbiBlbmQgaW5kZXguCkluZGV4OiBUb29scy9UZXN0V2Vi S2l0QVBJL1Rlc3RzL1dURi9jb2NvYS9VUkxFeHRyYXMubW0KPT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gVG9vbHMv VGVzdFdlYktpdEFQSS9UZXN0cy9XVEYvY29jb2EvVVJMRXh0cmFzLm1tCShyZXZpc2lvbiAyNjIx MjcpCisrKyBUb29scy9UZXN0V2ViS2l0QVBJL1Rlc3RzL1dURi9jb2NvYS9VUkxFeHRyYXMubW0J KHdvcmtpbmcgY29weSkKQEAgLTI0LDggKzI0LDkgQEAKICAqLwogCiAjaW1wb3J0ICJjb25maWcu aCIKLSNpbXBvcnQgPHd0Zi9VUkwuaD4KIAorI2ltcG9ydCAiV1RGU3RyaW5nVXRpbGl0aWVzLmgi CisjaW1wb3J0IDx3dGYvVVJMLmg+CiAjaW1wb3J0IDx3dGYvVmVjdG9yLmg+CiAjaW1wb3J0IDx3 dGYvY29jb2EvTlNVUkxFeHRyYXMuaD4KICNpbXBvcnQgPHd0Zi9jb2NvYS9WZWN0b3JDb2NvYS5o PgpAQCAtMjAzLDYgKzIwNCw5IEBAIFRFU1QoV1RGX1VSTEV4dHJhcywgVVJMRXh0cmFzX1BhcnNp bmdFcnIKIAogICAgIE5TU3RyaW5nICplbmNvZGVkSG9zdE5hbWUgPSBXVEY6OmVuY29kZUhvc3RO YW1lKEAiaHR0cDovL++jvy5jb20iKTsKICAgICBFWFBFQ1RfVFJVRShlbmNvZGVkSG9zdE5hbWUg PT0gbmlsKTsKKworICAgIFdURjo6VVJMIHVybDIoVVJMKCksIHV0ZjE2U3RyaW5nKHUiaHR0cDov L1x1MjI2N1x1MjIyRVx1RkU2MyIpKTsKKyAgICBFWFBFQ1RfU1RSRVEoW1t1cmwyIGFic29sdXRl U3RyaW5nXSBVVEY4U3RyaW5nXSwgImh0dHA6Ly8lRTIlODklQTclRTIlODglQUUlRUYlQjklQTMi KTsKIH0KIAogVEVTVChXVEZfVVJMRXh0cmFzLCBVUkxFeHRyYXNfTmlsKQo= 400398 2020-05-27 15:52:36 -0700 2020-05-27 21:55:22 -0700 add more tests patch text/plain 1676 achristensen SW5kZXg6IFRvb2xzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBUb29scy9DaGFuZ2VMb2cJKHJl dmlzaW9uIDI2MjIyMCkKKysrIFRvb2xzL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwz ICsxLDEzIEBACisyMDIwLTA1LTI3ICBBbGV4IENocmlzdGVuc2VuICA8YWNocmlzdGVuc2VuQHdl YmtpdC5vcmc+CisKKyAgICAgICAgQWRkIHRlc3QgdmVyaWZ5aW5nIGJlaGF2aW9yIG9mIG5vbi1B U0NJSSBMYXRpbjEgY2hhcmFjdGVyIGluIGludmFsaWQgVVJMIGNvbnZlcnRlZCB0byBOU1VSTAor ICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjEyMzkzCisK KyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgKiBUZXN0V2Vi S2l0QVBJL1Rlc3RzL1dURi9jb2NvYS9VUkxFeHRyYXMubW06CisgICAgICAgIChUZXN0V2ViS2l0 QVBJOjpURVNUKToKKwogMjAyMC0wNS0yNyAgS2VubmV0aCBSdXNzZWxsICA8a2JyQGNocm9taXVt Lm9yZz4KIAogICAgICAgICBVcGRhdGUgTW9iaWxlTWluaUJyb3dzZXIgcHJvamVjdCBzZXR0aW5n cyB0byBjdXJyZW50IFhjb2RlCkluZGV4OiBUb29scy9UZXN0V2ViS2l0QVBJL1Rlc3RzL1dURi9j b2NvYS9VUkxFeHRyYXMubW0KPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gVG9vbHMvVGVzdFdlYktpdEFQSS9UZXN0 cy9XVEYvY29jb2EvVVJMRXh0cmFzLm1tCShyZXZpc2lvbiAyNjIxMjcpCisrKyBUb29scy9UZXN0 V2ViS2l0QVBJL1Rlc3RzL1dURi9jb2NvYS9VUkxFeHRyYXMubW0JKHdvcmtpbmcgY29weSkKQEAg LTIwMyw2ICsyMDMsMjAgQEAKIAogICAgIE5TU3RyaW5nICplbmNvZGVkSG9zdE5hbWUgPSBXVEY6 OmVuY29kZUhvc3ROYW1lKEAiaHR0cDovL++jvy5jb20iKTsKICAgICBFWFBFQ1RfVFJVRShlbmNv ZGVkSG9zdE5hbWUgPT0gbmlsKTsKKworICAgIFdURjo6VVJMIHVybDIoVVJMKCksIHV0ZjE2U3Ry aW5nKHUiaHR0cDovL1x1MjI2N1x1MjIyRVx1RkU2MyIpKTsKKyAgICBFWFBFQ1RfU1RSRVEoW1t1 cmwyIGFic29sdXRlU3RyaW5nXSBVVEY4U3RyaW5nXSwgImh0dHA6Ly8lRTIlODklQTclRTIlODgl QUUlRUYlQjklQTMiKTsKKworICAgIHN0ZDo6YXJyYXk8VUNoYXIsIDI+IHV0ZjE2IHsgMHgwMEI2 LCAweDAwMDAgfTsKKyAgICBXVEY6OlVSTCB1cmwzKFVSTCgpLCBTdHJpbmcodXRmMTYuZGF0YSgp KSk7CisgICAgRVhQRUNUX0ZBTFNFKHVybDMuc3RyaW5nKCkuaXM4Qml0KCkpOworICAgIEVYUEVD VF9GQUxTRSh1cmwzLmlzVmFsaWQoKSk7CisgICAgRVhQRUNUX1NUUkVRKFtbdXJsMyBhYnNvbHV0 ZVN0cmluZ10gVVRGOFN0cmluZ10sICIlQzIlQjYiKTsKKworICAgIFdURjo6VVJMIHVybDQoVVJM KCksICLCtiIpOworICAgIEVYUEVDVF9GQUxTRSh1cmw0LmlzVmFsaWQoKSk7CisgICAgRVhQRUNU X1RSVUUodXJsNC5zdHJpbmcoKS5pczhCaXQoKSk7CisgICAgRVhQRUNUX1NUUkVRKFtbdXJsNCBh YnNvbHV0ZVN0cmluZ10gVVRGOFN0cmluZ10sICIlQzIlQjYiKTsKIH0KIAogVEVTVChXVEZfVVJM RXh0cmFzLCBVUkxFeHRyYXNfTmlsKQo=