X-Git-Url: https://git.m6w6.name/?a=blobdiff_plain;f=http_message_api.c;h=7fe5aecb73d6a7f96aa8188a7c004e1b058f1d0c;hb=7ba82df3144551af4182de7e515f955b9b1a68a9;hp=74c000e58f0a11fbc131aa8c3756c33d7cd4978f;hpb=2b1bdfab2a6402e4daec69f6b7c395b0662e18d7;p=m6w6%2Fext-http

diff --git a/http_message_api.c b/http_message_api.c
index 74c000e..7fe5aec 100644
--- a/http_message_api.c
+++ b/http_message_api.c
@@ -1,16 +1,13 @@
 /*
-   +----------------------------------------------------------------------+
-   | PECL :: http                                                         |
-   +----------------------------------------------------------------------+
-   | This source file is subject to version 3.0 of the PHP license, that  |
-   | is bundled with this package in the file LICENSE, and is available   |
-   | through the world-wide-web at http://www.php.net/license/3_0.txt.    |
-   | If you did not receive a copy of the PHP license and are unable to   |
-   | obtain it through the world-wide-web, please send a note to          |
-   | license@php.net so we can mail you a copy immediately.               |
-   +----------------------------------------------------------------------+
-   | Copyright (c) 2004-2005 Michael Wallner <mike@php.net>               |
-   +----------------------------------------------------------------------+
+    +--------------------------------------------------------------------+
+    | PECL :: http                                                       |
+    +--------------------------------------------------------------------+
+    | Redistribution and use in source and binary forms, with or without |
+    | modification, are permitted provided that the conditions mentioned |
+    | in the accompanying LICENSE file are met.                          |
+    +--------------------------------------------------------------------+
+    | Copyright (c) 2004-2005, Michael Wallner <mike@php.net>            |
+    +--------------------------------------------------------------------+
 */
 
 /* $Id$ */
@@ -150,6 +147,7 @@ PHP_HTTP_API http_message *_http_message_parse_ex(http_message *msg, const char
 	if (body = http_locate_body(message)) {
 		zval *c;
 		const char *continue_at = NULL;
+		size_t remaining = message + message_length - body;
 
 		/* message has chunked transfer encoding */
 		if ((c = http_message_header(msg, "Transfer-Encoding")) && (!strcasecmp("chunked", Z_STRVAL_P(c)))) {
@@ -177,14 +175,18 @@ PHP_HTTP_API http_message *_http_message_parse_ex(http_message *msg, const char
 
 		/* message has content-length header */
 		if (c = http_message_header(msg, "Content-Length")) {
-			long len = atol(Z_STRVAL_P(c));
+			ulong len = strtoul(Z_STRVAL_P(c), NULL, 10);
+			if (len > remaining) {
+				http_error_ex(HE_NOTICE, HTTP_E_MALFORMED_HEADERS, "The Content-Length header pretends a larger body than actually received (expected %lu bytes; got %lu bytes)", len, remaining);
+				len = remaining;
+			}
 			phpstr_from_string_ex(PHPSTR(msg), body, len);
 			continue_at = body + len;
 		} else
 
 		/* message has content-range header */
 		if (c = http_message_header(msg, "Content-Range")) {
-			ulong total = 0, start = 0, end = 0;
+			ulong total = 0, start = 0, end = 0, len = 0;
 			
 			if (!strncasecmp(Z_STRVAL_P(c), "bytes=", lenof("bytes="))) {
 				char *total_at = NULL, *end_at = NULL;
@@ -196,10 +198,13 @@ PHP_HTTP_API http_message *_http_message_parse_ex(http_message *msg, const char
 					if (total_at && strncmp(total_at + 1, "*", 1)) {
 						total = strtoul(total_at + 1, NULL, 10);
 					}
-					
+					if ((len = (end + 1 - start)) > remaining) {
+						http_error_ex(HE_NOTICE, HTTP_E_MALFORMED_HEADERS, "The Content-Range header pretends a larger body than actually received (expected %lu bytes; got %lu bytes)", len, remaining);
+						len = remaining;
+					}
 					if (end >= start && (!total || end < total)) {
-						phpstr_from_string_ex(PHPSTR(msg), body, (size_t) (end + 1 - start));
-						continue_at = body + (end + 1 - start);
+						phpstr_from_string_ex(PHPSTR(msg), body, len);
+						continue_at = body + len;
 					}
 				}
 			}
@@ -211,7 +216,7 @@ PHP_HTTP_API http_message *_http_message_parse_ex(http_message *msg, const char
 
 		/* no headers that indicate content length */
 		if (HTTP_MSG_TYPE(RESPONSE, msg)) {
-			phpstr_from_string_ex(PHPSTR(msg), body, message + message_length - body);
+			phpstr_from_string_ex(PHPSTR(msg), body, remaining);
 		} else {
 			continue_at = body;
 		}
@@ -221,14 +226,14 @@ PHP_HTTP_API http_message *_http_message_parse_ex(http_message *msg, const char
 		if (c = http_message_header(msg, "Content-Encoding")) {
 			char *decoded = NULL;
 			size_t decoded_len = 0;
-#	ifdef HAVE_ZLIB
+#	if defined(HAVE_ZLIB) && !defined(HTTP_HAVE_ZLIB)
 			zval func, retval, arg, *args[1];
 			INIT_PZVAL(&func);
 			INIT_PZVAL(&retval);
 			INIT_PZVAL(&arg);
 			ZVAL_STRINGL(&func, "gzinflate", lenof("gzinflate"), 0);
 			args[0] = &arg;
-#	endif /* HAVE_ZLIB */
+#	endif /* HAVE_ZLIB && !HTTP_HAVE_ZLIB */
 
 #	define DECODE_WITH_EXT_ZLIB() \
 				if (SUCCESS == call_user_function(EG(function_table), NULL, &func, &retval, 1, args TSRMLS_CC)) { \
@@ -254,7 +259,7 @@ PHP_HTTP_API http_message *_http_message_parse_ex(http_message *msg, const char
 #	endif /* HTTP_HAVE_ZLIB */
 			}
 			
-			if (decoded && decoded_len) {
+			if (decoded) {
 				zval *len;
 				char *tmp;
 				int tmp_len;