[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r25267 - in libmicrohttpd: . src/daemon src/include
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r25267 - in libmicrohttpd: . src/daemon src/include |
|
Date: |
Wed, 5 Dec 2012 19:28:17 +0100 |
Author: grothoff
Date: 2012-12-05 19:28:17 +0100 (Wed, 05 Dec 2012)
New Revision: 25267
Modified:
libmicrohttpd/AUTHORS
libmicrohttpd/ChangeLog
libmicrohttpd/config.guess
libmicrohttpd/configure.ac
libmicrohttpd/src/daemon/postprocessor.c
libmicrohttpd/src/include/microhttpd.h
Log:
Matthew Mundell wrote:
Hi
We've been having some mysterious parameter loss of POST parameters in
OpenVAS's GSA. This only happens with IE8 and Chrome. We saw this with
libmicrohttpd 0.9.19 and 0.9.20.
The cause looks to be an error in libmicrohttpd. Patch to 0.9.20 to
resolve below.
In post_process_multipart in postprocessor.c the PP_Init state calls
find_boundary to find the first boundary. If there is junk before the
first boundary it just reads over the junk. However, it is also reading
over the actual boundary when there was too little data to determine
whether the next character is the start of the boundary.
In the error case Chrome seems to sends the POST request in multiple
writes. The first chunk includes a single "-" from the first boundary at
end of the headers. Thus libmicrohttpd has a partial boundary to deal
with.
I guess Chrome intends to send just the headers but gets the count wrong
due to sending the initial P of the POST on its own (all the browsers do
that for some reason). Firefox on the other hand sends the headers and the
body in a single write, so it always works.
Thanks, and thanks for libmicrohttpd!
Matt
Modified: libmicrohttpd/AUTHORS
===================================================================
--- libmicrohttpd/AUTHORS 2012-12-05 16:39:04 UTC (rev 25266)
+++ libmicrohttpd/AUTHORS 2012-12-05 18:28:17 UTC (rev 25267)
@@ -39,6 +39,7 @@
Steve Wolf <address@hidden>
Brecht Sanders <address@hidden>
Jan Janak <address@hidden>
+Matthew Mundell <address@hidden>
Documentation contributions also came from:
Marco Maggi <address@hidden>
Modified: libmicrohttpd/ChangeLog
===================================================================
--- libmicrohttpd/ChangeLog 2012-12-05 16:39:04 UTC (rev 25266)
+++ libmicrohttpd/ChangeLog 2012-12-05 18:28:17 UTC (rev 25267)
@@ -1,3 +1,11 @@
+Wed Dec 5 19:22:26 CET 2012
+ Fixing parameter loss of POST parameters with IE8 and Chrome
+ in the PostProcessor as the code failed to properly handle
+ partial data. -MM
+
+Fri Nov 9 21:36:46 CET 2012
+ Releasing libmicrohttpd 0.9.23. -CG
+
Thu Nov 8 22:32:59 CET 2012
Ship our own version of tsearch and friends if not provided by platform,
so that MHD works nicely on Android. -JJ
Modified: libmicrohttpd/config.guess
===================================================================
--- libmicrohttpd/config.guess 2012-12-05 16:39:04 UTC (rev 25266)
+++ libmicrohttpd/config.guess 2012-12-05 18:28:17 UTC (rev 25267)
@@ -4,7 +4,7 @@
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
# 2011, 2012 Free Software Foundation, Inc.
-timestamp='2012-09-25'
+timestamp='2012-08-14'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@@ -306,7 +306,7 @@
arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
echo arm-acorn-riscix${UNAME_RELEASE}
exit ;;
- arm*:riscos:*:*|arm*:RISCOS:*:*)
+ arm:riscos:*:*|arm:RISCOS:*:*)
echo arm-unknown-riscos
exit ;;
SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
Modified: libmicrohttpd/configure.ac
===================================================================
--- libmicrohttpd/configure.ac 2012-12-05 16:39:04 UTC (rev 25266)
+++ libmicrohttpd/configure.ac 2012-12-05 18:28:17 UTC (rev 25267)
@@ -21,14 +21,14 @@
#
#
AC_PREREQ(2.57)
-AC_INIT([libmicrohttpd], [0.9.22],address@hidden)
+AC_INIT([libmicrohttpd], [0.9.23],address@hidden)
AM_INIT_AUTOMAKE([silent-rules])
AM_CONFIG_HEADER([MHD_config.h])
AC_CONFIG_MACRO_DIR([m4])
AH_TOP([#define _GNU_SOURCE 1])
LIB_VERSION_CURRENT=26
-LIB_VERSION_REVISION=1
+LIB_VERSION_REVISION=2
LIB_VERSION_AGE=16
AC_SUBST(LIB_VERSION_CURRENT)
AC_SUBST(LIB_VERSION_REVISION)
Modified: libmicrohttpd/src/daemon/postprocessor.c
===================================================================
--- libmicrohttpd/src/daemon/postprocessor.c 2012-12-05 16:39:04 UTC (rev
25266)
+++ libmicrohttpd/src/daemon/postprocessor.c 2012-12-05 18:28:17 UTC (rev
25267)
@@ -494,6 +494,7 @@
{
if (pp->buffer_pos == pp->buffer_size)
pp->state = PP_Error; /* out of memory */
+ ++(*ioffptr);
return MHD_NO; /* not enough data */
}
if ((0 != memcmp ("--", buf, 2)) || (0 != memcmp (&buf[2], boundary, blen)))
@@ -841,12 +842,11 @@
* > anything that appears before the first boundary delimiter
* > line or after the last one.
*/
- if (MHD_NO == find_boundary (pp,
- pp->boundary,
- pp->blen,
- &ioff,
- PP_ProcessEntryHeaders, PP_Done))
- ++ioff;
+ (void) find_boundary (pp,
+ pp->boundary,
+ pp->blen,
+ &ioff,
+ PP_ProcessEntryHeaders, PP_Done);
break;
case PP_NextBoundary:
if (MHD_NO == find_boundary (pp,
Modified: libmicrohttpd/src/include/microhttpd.h
===================================================================
--- libmicrohttpd/src/include/microhttpd.h 2012-12-05 16:39:04 UTC (rev
25266)
+++ libmicrohttpd/src/include/microhttpd.h 2012-12-05 18:28:17 UTC (rev
25267)
@@ -106,7 +106,7 @@
/**
* Current version of the library.
*/
-#define MHD_VERSION 0x00091600
+#define MHD_VERSION 0x00091700
/**
* MHD-internal return code for "YES".
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r25267 - in libmicrohttpd: . src/daemon src/include,
gnunet <=