Improve robustness against invalid data.

3 files changed, 12 insertions, 4 deletions

diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index 5a2a4f43..f0640f23 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -104,7 +104,6 @@ def parse_request_line(request):
     return method, scheme, host, port, path, minor
     
 
-
 class FileLike:
     def __init__(self, o):
         self.o = o
@@ -197,7 +196,10 @@ class ServerConnection:
         if not len(parts) == 3:
             raise ProxyError(502, "Invalid server response: %s."%line)
         proto, code, msg = parts
-        code = int(code)
+        try:
+            code = int(code)
+        except ValueError:
+            raise ProxyError(502, "Invalid server response: %s."%line)
         headers = flow.Headers()
         headers.read(self.rfile)
         if code >= 100 and code <= 199:
diff --git a/libmproxy/utils.py b/libmproxy/utils.py
index ecf77263..37b751dc 100644
--- a/libmproxy/utils.py
+++ b/libmproxy/utils.py
@@ -393,8 +393,11 @@ def parse_url(url):
     if not scheme:
         return None
     if ':' in netloc:
-        host, port = string.split(netloc, ':')
-        port = int(port)
+        host, port = string.rsplit(netloc, ':', maxsplit=1)
+        try:
+            port = int(port)
+        except ValueError:
+            return None
     else:
         host = netloc
         if scheme == "https":
diff --git a/test/test_utils.py b/test/test_utils.py
index 8b16e057..12917444 100644
--- a/test/test_utils.py
+++ b/test/test_utils.py
@@ -216,6 +216,9 @@ class u_parse_url(libpry.AutoTree):
         s, h, po, pa = utils.parse_url("https://foo")
         assert po == 443
 
+        assert not utils.parse_url("https://foo:bar")
+        assert not utils.parse_url("https://foo:")
+
 tests = [
     uformat_timestamp(),
     uisBin(),