Implementing suggestions from PR review

Author: root

plugins/experimental/uri_signing/parse.c

@@ -31,18 +31,26 @@
 cjose_jws_t *
 get_jws_from_uri(const char *uri, size_t uri_ct, const char *paramName)
 {
+  /* Reserved characters as defined by the URI Generic Syntax RFC: https://tools.ietf.org/html/rfc3986#section-2.2 */
   const char *reserved_string = ":/?#[]@!$&\'()*+,;=";
 
-  /* If param name ends in reserved character this will be treated as the termination sybmol when parsing for package. Default is
+  /* If param name ends in reserved character this will be treated as the termination symbol when parsing for package. Default is
    * '='. */
   char termination_symbol;
   size_t termination_ct;
-  if (strchr(reserved_string, paramName[strlen(paramName) - 1])) {
-    termination_symbol = paramName[strlen(paramName) - 1];
-    termination_ct     = strlen(paramName) + 1;
+  size_t param_ct = strlen(paramName);
+
+  if (param_ct <= 0) {
+    PluginDebug("URI signing package name cannot be empty");
+    return NULL;
+  }
+
+  if (strchr(reserved_string, paramName[param_ct - 1])) {
+    termination_symbol = paramName[param_ct - 1];
+    termination_ct     = param_ct - 1;
   } else {
     termination_symbol = '=';
-    termination_ct     = strlen(paramName);
+    termination_ct     = param_ct;
   }
 
   PluginDebug("Parsing JWS from query string: %.*s", (int)uri_ct, uri);
@@ -74,7 +82,7 @@ get_jws_from_uri(const char *uri, size_t uri_ct, const char *paramName)
     key_end = value;
 
     /* If the Parameter key is our target parameter name, attempt to import a JWS from the value. */
-    if (!strncmp(paramName, key, (size_t)(key_end - key)) && (size_t)(key_end - key) == termination_ct) {
+    if ((size_t)(key_end - key) == termination_ct && !strncmp(paramName, key, (size_t)(key_end - key))) {
       value_end = ++value;
       while (value_end != end && strchr(reserved_string, *value_end) == NULL) {
         ++value_end;