Mirrors
/
uBlock
mirror of https://github.com/gorhill/uBlock.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Detect bad queryprune values 

`queryprune=` values are used as literal regex
value after converting leading/trailing `|` into
`^`/`$`.
This commit is contained in:
Raymond Hill 2020-11-11 08:15:39 -05:00
parent 8cc3779fb3
commit cfb050f521
No known key found for this signature in database
GPG Key ID: 25E1490B761470C2
1 changed files with 26 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/js/static-filtering-parser.js
View File

@ -866,6 +866,7 @@ const Parser = class {
return i;
}
// Important: the from-to indices are inclusive.
strFromSlices(from, to) {
return this.raw.slice(
this.slices[from+1],
@ -2396,10 +2397,17 @@ const NetOptionsIterator = class {
// `queryprune=`: only for network requests.
{
const i = this.tokenPos[OPTTokenQueryprune];
if ( i !== -1 && hasBits(allBits, OPTNonNetworkType) ) {
optSlices[i] = OPTTokenInvalid;
if ( this.interactive ) {
this.parser.errorSlices(optSlices[i+1], optSlices[i+5]);
if ( i !== -1 ) {
if ( hasBits(allBits, OPTNonNetworkType) ) {
optSlices[i] = OPTTokenInvalid;
if ( this.interactive ) {
this.parser.errorSlices(optSlices[i+1], optSlices[i+5]);
}
} else if ( this.validateQueryPruneArg(i) === false ) {
optSlices[i] = OPTTokenInvalid;
if ( this.interactive ) {
this.parser.errorSlices(optSlices[i+4], optSlices[i+5]);
}
}
}
}
@ -2442,6 +2450,20 @@ const NetOptionsIterator = class {
this.readPtr = i + 6;
return this;
}
validateQueryPruneArg(i) {
let val = this.parser.strFromSlices(
this.optSlices[i+4],
this.optSlices[i+5] - 3
);
if ( val.startsWith('|') ) { val = `^${val.slice(1)}`; }
if ( val.endsWith('|') ) { val = `${val.slice(0,-1)}$`; }
try {
void new RegExp(val);
} catch(ex) {
return false;
}
return true;
}
};
/******************************************************************************/