-
Vaclav Brozek authored
When a GURL's path is canonicalized, the code is trying to handle nested escape sequences. It keeps the index of the last seemingly invalid "%" in a variable called last_invalid_percent_index, so that ssequences like "%%41B" can be transformed to "%AB". However, it can happen, that an already output part of the path is invalidated and cut off, such as in "abc/../", which is equivalent to "". The bug in the current code is that last_invalid_percent_index is not reset if the part of the output which it points to gets invalidated. This resulted in the mysterious inserting of the hex code of "%" in the middle of the escape sequence of ">" when canonicalizing the path "5%/../>%41". This CL simply makes sure that last_invalid_percent_index is reset whenever it points beyond the end of the current output. Bug: 1080890 Change-Id: I04a5246ecbb66b645d796ec88babd74383d18661 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2587060 Auto-Submit: Vaclav Brozek <vabr@chromium.org> Reviewed-by:
Daniel Cheng <dcheng@chromium.org> Commit-Queue: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#837031}
295d736c
