From 1b8dfb6c3638af9ee56b190b24b06f5cc7cd70d7 Mon Sep 17 00:00:00 2001
From: Florian Bruhin <git@the-compiler.org>
Date: Wed, 14 Feb 2018 22:20:51 +0100
Subject: [PATCH] urlmatch: Disallow NUL byte

See https://bugs.chromium.org/p/chromium/issues/detail?id=390624
With Qt, we might run into the same issue as well at some point, and it sure
can't hurt to disallow it.
---
 qutebrowser/utils/urlmatch.py     | 3 +++
 tests/unit/utils/test_urlmatch.py | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/qutebrowser/utils/urlmatch.py b/qutebrowser/utils/urlmatch.py
index 43c7fa8c8..211ac0475 100644
--- a/qutebrowser/utils/urlmatch.py
+++ b/qutebrowser/utils/urlmatch.py
@@ -53,6 +53,9 @@ class UrlPattern:
             self._match_all = True
             return
 
+        if '\0' in pattern:
+            raise ValueError("May not contain NUL byte")
+
         # > If the scheme is *, then it matches either http or https, and not
         # > file, or ftp.
         # Note we deviate from that, as per-URL settings aren't security
diff --git a/tests/unit/utils/test_urlmatch.py b/tests/unit/utils/test_urlmatch.py
index de499aa87..26b4b6a59 100644
--- a/tests/unit/utils/test_urlmatch.py
+++ b/tests/unit/utils/test_urlmatch.py
@@ -45,6 +45,9 @@ from qutebrowser.utils import urlmatch
     # FIXME: should we allow this or not?
     # ("http://bar", "URLPattern::"),
 
+    # Chromium: PARSE_ERROR_INVALID_HOST
+    ("http://\0www/", "May not contain NUL byte"),
+
     # Chromium: PARSE_ERROR_INVALID_HOST_WILDCARD
     ("http://*foo/bar", "Invalid host wildcard"),
     ("http://foo.*.bar/baz", "Invalid host wildcard"),