[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 01/05: testcurl: fixed checking response headers as null
From: |
gnunet |
Subject: |
[libmicrohttpd] 01/05: testcurl: fixed checking response headers as null-terminated string |
Date: |
Sat, 26 Nov 2022 18:08:15 +0100 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit a37a83ff3ea2249b87176113dfb3e4ae2fec524e
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Mon Nov 7 11:49:36 2022 +0300
testcurl: fixed checking response headers as null-terminated string
---
src/testcurl/test_get_close_keep_alive.c | 6 +++---
src/testcurl/test_head.c | 12 ++++++++++--
src/testcurl/test_toolarge.c | 11 ++++++++---
3 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/src/testcurl/test_get_close_keep_alive.c
b/src/testcurl/test_get_close_keep_alive.c
index 2eb29285..81f7576c 100644
--- a/src/testcurl/test_get_close_keep_alive.c
+++ b/src/testcurl/test_get_close_keep_alive.c
@@ -162,7 +162,7 @@ _libcurlErrorExit_func (const char *errDesc, const char
*funcName, int lineNum)
#define HDR_CONN_CLOSE_VALUE "close"
#define HDR_CONN_CLOSE MHD_HTTP_HEADER_CONNECTION ": " \
HDR_CONN_CLOSE_VALUE
-#define HDR_CONN_KEEP_ALIVE_VALUE "keep-alive"
+#define HDR_CONN_KEEP_ALIVE_VALUE "Keep-Alive"
#define HDR_CONN_KEEP_ALIVE MHD_HTTP_HEADER_CONNECTION ": " \
HDR_CONN_KEEP_ALIVE_VALUE
@@ -255,10 +255,10 @@ lcurl_hdr_callback (char *buffer, size_t size, size_t
nitems,
strlen (MHD_HTTP_VERSION_1_0))))
check_res->found_http10 = 1;
else if ((data_size == strlen (HDR_CONN_CLOSE) + 2) &&
- (0 == strncasecmp (buffer, HDR_CONN_CLOSE "\r\n", data_size)))
+ (0 == memcmp (buffer, HDR_CONN_CLOSE "\r\n", data_size)))
check_res->found_conn_close = 1;
else if ((data_size == strlen (HDR_CONN_KEEP_ALIVE) + 2) &&
- (0 == strncasecmp (buffer, HDR_CONN_KEEP_ALIVE "\r\n", data_size)))
+ (0 == memcmp (buffer, HDR_CONN_KEEP_ALIVE "\r\n", data_size)))
check_res->found_conn_keep_alive = 1;
return data_size;
diff --git a/src/testcurl/test_head.c b/src/testcurl/test_head.c
index 3c984125..066688b6 100644
--- a/src/testcurl/test_head.c
+++ b/src/testcurl/test_head.c
@@ -274,10 +274,13 @@ lcurl_hdr_callback (char *buffer, size_t size, size_t
nitems,
int res;
const unsigned int numbers_pos =
MHD_STATICSTR_LEN_ (MHD_HTTP_HEADER_CONTENT_LENGTH ": ");
- res = snprintf (cmpbuf, sizeof(cmpbuf), "%u\r\n",
check_res->expected_size);
+ res = snprintf (cmpbuf, sizeof(cmpbuf), "%u", check_res->expected_size);
if ((res <= 0) || (res > ((int) (sizeof(cmpbuf) - 1))))
externalErrorExit ();
- if (0 != strcmp (buffer + numbers_pos, cmpbuf))
+ if (data_size - numbers_pos <= 2)
+ mhdErrorExitDesc ("Broken Content-Length");
+ else if ((((size_t) res + 2) != data_size - numbers_pos) ||
+ (0 != memcmp (buffer + numbers_pos, cmpbuf, (size_t) res)))
{
fprintf (stderr, "Wrong Content-Length.\n"
"Expected:\n%u\n"
@@ -285,6 +288,11 @@ lcurl_hdr_callback (char *buffer, size_t size, size_t
nitems,
buffer + numbers_pos);
mhdErrorExitDesc ("Wrong Content-Length");
}
+ else if (0 != memcmp ("\r\n", buffer + data_size - 2, 2))
+ {
+ mhdErrorExitDesc ("The Content-Length header is not " \
+ "terminated by CRLF");
+ }
check_res->size_found++;
}
diff --git a/src/testcurl/test_toolarge.c b/src/testcurl/test_toolarge.c
index e6c291e2..05e497a7 100644
--- a/src/testcurl/test_toolarge.c
+++ b/src/testcurl/test_toolarge.c
@@ -273,12 +273,17 @@ lcurl_hdr_callback (char *buffer, size_t size, size_t
nitems,
check_res->num_n1_headers++;
else if ((5 <= data_size) && ('0' == buffer[0]))
{
- const char *const col_ptr = strstr (buffer, ": ");
+ const char *const col_ptr = memchr (buffer, ':', data_size);
if (0 != check_res->large_header_value_size)
mhdErrorExitDesc ("Expected only one large header, " \
"but found two large headers in the reply");
- check_res->large_header_valid = 0;
- if (NULL != col_ptr)
+ if (NULL == col_ptr)
+ check_res->large_header_valid = 0;
+ else if ((size_t) (col_ptr - buffer) >= data_size - 2)
+ check_res->large_header_valid = 0;
+ else if (*(col_ptr + 1) != ' ')
+ check_res->large_header_valid = 0;
+ else
{
const char *const name = buffer;
const size_t name_len = (size_t) (col_ptr - buffer);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (1ffe7932 -> 3444792f), gnunet, 2022/11/26
- [libmicrohttpd] 02/05: test_upgrade{,_large}: fixed HTTP/1.1 compatibility, gnunet, 2022/11/26
- [libmicrohttpd] 01/05: testcurl: fixed checking response headers as null-terminated string,
gnunet <=
- [libmicrohttpd] 03/05: test_get_iovec: fixed missing include headers, gnunet, 2022/11/26
- [libmicrohttpd] 04/05: configure: fixed detection of eventfd() with new compilers builds, gnunet, 2022/11/26
- [libmicrohttpd] 05/05: Refactored user-poison: minimized scope of non-sanitized code, gnunet, 2022/11/26