/*
- +----------------------------------------------------------------------+
- | PECL :: http |
- +----------------------------------------------------------------------+
- | This source file is subject to version 3.0 of the PHP license, that |
- | is bundled with this package in the file LICENSE, and is available |
- | through the world-wide-web at http://www.php.net/license/3_0.txt. |
- | If you did not receive a copy of the PHP license and are unable to |
- | obtain it through the world-wide-web, please send a note to |
- | license@php.net so we can mail you a copy immediately. |
- +----------------------------------------------------------------------+
- | Copyright (c) 2004-2005 Michael Wallner <mike@php.net> |
- +----------------------------------------------------------------------+
+ +--------------------------------------------------------------------+
+ | PECL :: http |
+ +--------------------------------------------------------------------+
+ | Redistribution and use in source and binary forms, with or without |
+ | modification, are permitted provided that the conditions mentioned |
+ | in the accompanying LICENSE file are met. |
+ +--------------------------------------------------------------------+
+ | Copyright (c) 2004-2005, Michael Wallner <mike@php.net> |
+ +--------------------------------------------------------------------+
*/
/* $Id$ */
if (body = http_locate_body(message)) {
zval *c;
const char *continue_at = NULL;
+ size_t remaining = message + message_length - body;
/* message has chunked transfer encoding */
if ((c = http_message_header(msg, "Transfer-Encoding")) && (!strcasecmp("chunked", Z_STRVAL_P(c)))) {
char *tmp;
int tmp_len;
- tmp_len = (int) spprintf(&tmp, 0, "%lu", (ulong) decoded_len);
+ tmp_len = (int) spprintf(&tmp, 0, "%zu", decoded_len);
MAKE_STD_ZVAL(len);
ZVAL_STRINGL(len, tmp, tmp_len, 0);
/* message has content-length header */
if (c = http_message_header(msg, "Content-Length")) {
- long len = atol(Z_STRVAL_P(c));
+ ulong len = strtoul(Z_STRVAL_P(c), NULL, 10);
+ if (len > remaining) {
+ http_error_ex(HE_NOTICE, HTTP_E_MALFORMED_HEADERS, "The Content-Length header pretends a larger body than actually received (expected %lu bytes; got %lu bytes)", len, remaining);
+ len = remaining;
+ }
phpstr_from_string_ex(PHPSTR(msg), body, len);
continue_at = body + len;
} else
/* message has content-range header */
if (c = http_message_header(msg, "Content-Range")) {
- ulong total = 0, start = 0, end = 0;
+ ulong total = 0, start = 0, end = 0, len = 0;
- if (!strncasecmp(Z_STRVAL_P(c), "bytes=", lenof("bytes="))) {
+ if (!strncasecmp(Z_STRVAL_P(c), "bytes", lenof("bytes")) &&
+ (Z_STRVAL_P(c)[lenof("bytes")] == '=' || Z_STRVAL_P(c)[lenof("bytes")] == ' ')) {
char *total_at = NULL, *end_at = NULL;
char *start_at = Z_STRVAL_P(c) + lenof("bytes=");
if (total_at && strncmp(total_at + 1, "*", 1)) {
total = strtoul(total_at + 1, NULL, 10);
}
-
+ if ((len = (end + 1 - start)) > remaining) {
+ http_error_ex(HE_NOTICE, HTTP_E_MALFORMED_HEADERS, "The Content-Range header pretends a larger body than actually received (expected %lu bytes; got %lu bytes)", len, remaining);
+ len = remaining;
+ }
if (end >= start && (!total || end < total)) {
- phpstr_from_string_ex(PHPSTR(msg), body, (size_t) (end + 1 - start));
- continue_at = body + (end + 1 - start);
+ phpstr_from_string_ex(PHPSTR(msg), body, len);
+ continue_at = body + len;
}
}
}
/* no headers that indicate content length */
if (HTTP_MSG_TYPE(RESPONSE, msg)) {
- phpstr_from_string_ex(PHPSTR(msg), body, message + message_length - body);
+ phpstr_from_string_ex(PHPSTR(msg), body, remaining);
} else {
continue_at = body;
}
if (c = http_message_header(msg, "Content-Encoding")) {
char *decoded = NULL;
size_t decoded_len = 0;
-# ifdef HAVE_ZLIB
+# if defined(HAVE_ZLIB) && !defined(HTTP_HAVE_ZLIB)
zval func, retval, arg, *args[1];
INIT_PZVAL(&func);
INIT_PZVAL(&retval);
INIT_PZVAL(&arg);
ZVAL_STRINGL(&func, "gzinflate", lenof("gzinflate"), 0);
args[0] = &arg;
-# endif /* HAVE_ZLIB */
+# endif /* HAVE_ZLIB && !HTTP_HAVE_ZLIB */
# define DECODE_WITH_EXT_ZLIB() \
if (SUCCESS == call_user_function(EG(function_table), NULL, &func, &retval, 1, args TSRMLS_CC)) { \
# endif /* HTTP_HAVE_ZLIB */
}
- if (decoded && decoded_len) {
+ if (decoded) {
zval *len;
char *tmp;
int tmp_len;
- tmp_len = (int) spprintf(&tmp, 0, "%lu", (ulong) decoded_len);
+ tmp_len = (int) spprintf(&tmp, 0, "%zu", decoded_len);
MAKE_STD_ZVAL(len);
ZVAL_STRINGL(len, tmp, tmp_len, 0);
char *key, *data;
ulong idx;
zval **header;
+ HashPosition pos1;
phpstr_init_ex(&str, 4096, 0);
break;
}
- FOREACH_HASH_KEYVAL(&msg->hdrs, key, idx, header) {
+ FOREACH_HASH_KEYVAL(pos1, &msg->hdrs, key, idx, header) {
if (key) {
zval **single_header;
break;
case IS_ARRAY:
- FOREACH_VAL(*header, single_header) {
+ {
+ HashPosition pos2;
+ FOREACH_VAL(pos2, *header, single_header) {
phpstr_appendf(&str, "%s: %s" HTTP_CRLF, key, Z_STRVAL_PP(single_header));
}
+ }
break;
}
char *key;
ulong idx;
zval **val;
+ HashPosition pos1;
- FOREACH_HASH_KEYVAL(&message->hdrs, key, idx, val) {
+ FOREACH_HASH_KEYVAL(pos1, &message->hdrs, key, idx, val) {
if (key) {
if (Z_TYPE_PP(val) == IS_ARRAY) {
zend_bool first = 1;
zval **data;
+ HashPosition pos2;
- FOREACH_VAL(*val, data) {
+ FOREACH_VAL(pos2, *val, data) {
http_send_header_ex(key, strlen(key), Z_STRVAL_PP(data), Z_STRLEN_PP(data), first, NULL);
first = 0;
}