[system.net.http] Update range checks for invalid characters. Fixes #18800

diff --git a/mcs/class/System.Net.Http/System.Net.Http.Headers/Lexer.cs b/mcs/class/System.Net.Http/System.Net.Http.Headers/Lexer.cs
index 1865d876a5de5bcc71ac39f32d84a157eae78b80..5bf97d0b96f9cf613fcf4a8a309a0731707b0f22 100644 (file)
--- a/mcs/class/System.Net.Http/System.Net.Http.Headers/Lexer.cs
+++ b/mcs/class/System.Net.Http/System.Net.Http.Headers/Lexer.cs
@@ -94,7 +94,7 @@ namespace System.Net.Http.Headers
                        /*90*/  true, false, false, false, true, true, true, true, true, true,
                        /*100*/ true, true, true, true, true, true, true, true, true, true,
                        /*110*/ true, true, true, true, true, true, true, true, true, true,
-                       /*120*/ true, true, true, false, true, false
+                       /*120*/ true, true, true, false, true, false, true
                        };
 
                static readonly int last_token_char = token_chars.Length;
@@ -202,7 +202,7 @@ namespace System.Net.Http.Headers
 
                public static bool IsValidCharacter (char input)
                {
-                       return input <= last_token_char && token_chars[input];
+                       return input < last_token_char && token_chars[input];
                }
 
                public void EatChar ()
@@ -297,18 +297,11 @@ namespace System.Net.Http.Headers
                                        // Quoted string
                                        start = pos - 1;
                                        while (pos < s.Length) {
-                                               ch = s[pos];
+                                               ch = s [pos++];
                                                if (ch == '"') {
-                                                       ++pos;
                                                        ttype = Token.Type.QuotedString;
                                                        break;
                                                }
-
-                                               // any OCTET except CTLs, but including LWS
-                                               if (ch < 32 || ch > 126)
-                                                       break;
-
-                                               ++pos;
                                        }
 
                                        break;
@@ -317,13 +310,13 @@ namespace System.Net.Http.Headers
                                        ttype = Token.Type.OpenParens;
                                        break;
                                default:
-                                       if (ch <= last_token_char && token_chars[ch]) {
+                                       if (ch < last_token_char && token_chars[ch]) {
                                                start = pos - 1;
 
                                                ttype = Token.Type.Token;
                                                while (pos < s.Length) {
                                                        ch = s[pos];
-                                                       if (ch > last_token_char || !token_chars[ch]) {
+                                                       if (ch >= last_token_char || !token_chars[ch]) {
                                                                break;
                                                        }
 

diff --git a/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/ContentDispositionHeaderValueTest.cs b/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/ContentDispositionHeaderValueTest.cs
index dfa4c5a1289754057dcb83c25605f6f22dee94f9..18d582b00b7d26770021362db9d2c3e79730e7f7 100644 (file)
--- a/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/ContentDispositionHeaderValueTest.cs
+++ b/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/ContentDispositionHeaderValueTest.cs
@@ -223,6 +223,14 @@ namespace MonoTests.System.Net.Http.Headers
                        value.FileName = "\"quoted\"";
                        Assert.AreEqual ("\"quoted\"", value.FileName, "#41");
                        Assert.AreEqual (new NameValueHeaderValue ("filename", "\"quoted\""), value.Parameters.First (), "#42");
+
+                       value.FileName = "~";
+                       Assert.AreEqual ("~", value.FileName, "#51");
+                       Assert.AreEqual (new NameValueHeaderValue ("filename", "~"), value.Parameters.First (), "#52");
+
+                       value.FileName = "\x7f";
+                       Assert.AreEqual ("\"\x7f\"", value.FileName, "#61");
+                       Assert.AreEqual (new NameValueHeaderValue ("filename", "\"\x7f\""), value.Parameters.First (), "#62");
                }
 
                [Test]

diff --git a/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/NameValueHeaderValueTest.cs b/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/NameValueHeaderValueTest.cs
index 32cf785a0e9d5ffbdfd042d99926c6edea25c7f9..7de0ccdb2ae9272db825e07d8c8848dcedb98b7a 100644 (file)
--- a/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/NameValueHeaderValueTest.cs
+++ b/mcs/class/System.Net.Http/Test/System.Net.Http.Headers/NameValueHeaderValueTest.cs
@@ -51,6 +51,30 @@ namespace MonoTests.System.Net.Http.Headers
                                Assert.Fail ("#2");
                        } catch (FormatException) {
                        }
+
+                       try {
+                               new NameValueHeaderValue ("\x7f", null);
+                               Assert.Fail ("#3");
+                       } catch (FormatException) {
+                       }
+
+                       try {
+                               new NameValueHeaderValue ("arg", "\x7f");
+                               Assert.Fail ("#4");
+                       } catch (FormatException) {
+                       }
+               }
+
+               [Test]
+               public void Ctor_ValidArguments ()
+               {
+                       NameValueHeaderValue nvh;
+                       
+                       nvh = new NameValueHeaderValue ("arg", "~");
+                       Assert.AreEqual ("~", nvh.Value, "#1");
+                       
+                       nvh = new NameValueHeaderValue ("arg", "\"\x7f\x80\"");
+                       Assert.AreEqual ("\"\x7f\x80\"", nvh.Value, "#2");
                }
 
                [Test]