projects / m6w6 / ext-http / blob
? search:
summary | shortlog | log | commit | commitdiff | tree | github
history | raw | HEAD
let the header parser fail more accurately
[m6w6/ext-http] / php_http_header_parser.c
1 /*
2 +--------------------------------------------------------------------+
3 | PECL :: http |
4 +--------------------------------------------------------------------+
5 | Redistribution and use in source and binary forms, with or without |
6 | modification, are permitted provided that the conditions mentioned |
7 | in the accompanying LICENSE file are met. |
8 +--------------------------------------------------------------------+
9 | Copyright (c) 2004-2014, Michael Wallner <mike@php.net> |
10 +--------------------------------------------------------------------+
11 */
12
13 #include "php_http_api.h"
14
15 #ifndef DBG_PARSER
16 # define DBG_PARSER 0
17 #endif
18
19 typedef struct php_http_header_parser_state_spec {
20 php_http_header_parser_state_t state;
21 unsigned need_data:1;
22 } php_http_header_parser_state_spec_t;
23
24 static const php_http_header_parser_state_spec_t php_http_header_parser_states[] = {
25 {PHP_HTTP_HEADER_PARSER_STATE_START, 1},
26 {PHP_HTTP_HEADER_PARSER_STATE_KEY, 1},
27 {PHP_HTTP_HEADER_PARSER_STATE_VALUE, 1},
28 {PHP_HTTP_HEADER_PARSER_STATE_VALUE_EX, 0},
29 {PHP_HTTP_HEADER_PARSER_STATE_HEADER_DONE, 0},
30 {PHP_HTTP_HEADER_PARSER_STATE_DONE, 0}
31 };
32
33 php_http_header_parser_t *php_http_header_parser_init(php_http_header_parser_t *parser TSRMLS_DC)
34 {
35 if (!parser) {
36 parser = emalloc(sizeof(*parser));
37 }
38 memset(parser, 0, sizeof(*parser));
39
40 TSRMLS_SET_CTX(parser->ts);
41
42 return parser;
43 }
44
45 php_http_header_parser_state_t php_http_header_parser_state_push(php_http_header_parser_t *parser, unsigned argc, ...)
46 {
47 va_list va_args;
48 unsigned i;
49 php_http_header_parser_state_t state = 0;
50
51 /* short circuit */
52 ZEND_PTR_STACK_RESIZE_IF_NEEDED((&parser->stack), argc);
53
54 va_start(va_args, argc);
55 for (i = 0; i < argc; ++i) {
56 state = va_arg(va_args, php_http_header_parser_state_t);
57 zend_ptr_stack_push(&parser->stack, (void *) state);
58 }
59 va_end(va_args);
60
61 return state;
62 }
63
64 php_http_header_parser_state_t php_http_header_parser_state_is(php_http_header_parser_t *parser)
65 {
66 if (parser->stack.top) {
67 return (php_http_header_parser_state_t) parser->stack.elements[parser->stack.top - 1];
68 }
69
70 return PHP_HTTP_HEADER_PARSER_STATE_START;
71 }
72
73 php_http_header_parser_state_t php_http_header_parser_state_pop(php_http_header_parser_t *parser)
74 {
75 if (parser->stack.top) {
76 return (php_http_header_parser_state_t) zend_ptr_stack_pop(&parser->stack);
77 }
78
79 return PHP_HTTP_HEADER_PARSER_STATE_START;
80 }
81
82 void php_http_header_parser_dtor(php_http_header_parser_t *parser)
83 {
84 zend_ptr_stack_destroy(&parser->stack);
85 php_http_info_dtor(&parser->info);
86 PTR_FREE(parser->_key.str);
87 PTR_FREE(parser->_val.str);
88 }
89
90 void php_http_header_parser_free(php_http_header_parser_t **parser)
91 {
92 if (*parser) {
93 php_http_header_parser_dtor(*parser);
94 efree(*parser);
95 *parser = NULL;
96 }
97 }
98
99 STATUS php_http_header_parser_parse(php_http_header_parser_t *parser, php_http_buffer_t *buffer, unsigned flags, HashTable *headers, php_http_info_callback_t callback_func, void *callback_arg)
100 {
101 TSRMLS_FETCH_FROM_CTX(parser->ts);
102
103 while (buffer->used || !php_http_header_parser_states[php_http_header_parser_state_is(parser)].need_data) {
104 #if DBG_PARSER
105 const char *state[] = {"START", "KEY", "VALUE", "VALUE_EX", "HEADER_DONE", "DONE"};
106 fprintf(stderr, "#HP: %s (avail:%zu, num:%d cleanup:%u)\n", php_http_header_parser_state_is(parser) < 0 ? "FAILURE" : state[php_http_header_parser_state_is(parser)], buffer->used, headers?zend_hash_num_elements(headers):0, flags);
107 _dpf(0, buffer->data, buffer->used);
108 #endif
109 switch (php_http_header_parser_state_pop(parser)) {
110 case PHP_HTTP_HEADER_PARSER_STATE_FAILURE:
111 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to parse headers");
112 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_FAILURE);
113
114 case PHP_HTTP_HEADER_PARSER_STATE_START: {
115 char *ptr = buffer->data;
116
117 while (ptr - buffer->data < buffer->used && PHP_HTTP_IS_CTYPE(space, *ptr)) {
118 ++ptr;
119 }
120
121 php_http_buffer_cut(buffer, 0, ptr - buffer->data);
122 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_KEY);
123 break;
124 }
125
126 case PHP_HTTP_HEADER_PARSER_STATE_KEY: {
127 const char *colon, *eol_str = NULL;
128 int eol_len = 0;
129
130 if (buffer->data == (eol_str = php_http_locate_bin_eol(buffer->data, buffer->used, &eol_len))) {
131 /* end of headers */
132 php_http_buffer_cut(buffer, 0, eol_len);
133 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_DONE);
134 } else if (php_http_info_parse(&parser->info, php_http_buffer_fix(buffer)->data TSRMLS_CC)) {
135 /* new message starting with request/response line */
136 if (callback_func) {
137 callback_func(callback_arg, &headers, &parser->info TSRMLS_CC);
138 }
139 php_http_info_dtor(&parser->info);
140 php_http_buffer_cut(buffer, 0, eol_str + eol_len - buffer->data);
141 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_HEADER_DONE);
142 } else if ((colon = memchr(buffer->data, ':', buffer->used)) && (!eol_str || eol_str > colon)) {
143 /* header: string */
144 size_t valid_len;
145
146 parser->_key.len = colon - buffer->data;
147 parser->_key.str = estrndup(buffer->data, parser->_key.len);
148
149 valid_len = strspn(parser->_key.str, PHP_HTTP_HEADER_NAME_CHARS);
150 if (valid_len != parser->_key.len) {
151 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to parser headers: unexpected character '0x%02x' at pos %zu of '%.*s'", parser->_key.str[valid_len], valid_len+1, (int) parser->_key.len, parser->_key.str);
152 PTR_SET(parser->_key.str, NULL);
153 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_FAILURE);
154 }
155 while (PHP_HTTP_IS_CTYPE(space, *++colon) && *colon != '\n' && *colon != '\r');
156 php_http_buffer_cut(buffer, 0, colon - buffer->data);
157 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_VALUE);
158 } else if (eol_str) {
159 /* injected new line */
160 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to parse headers: unexpected character '0x%02x' at pos %zu of '%.*s'", *eol_str, eol_str - buffer->data, (int) buffer->used, buffer->data);
161 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_FAILURE);
162 } else if (flags & PHP_HTTP_HEADER_PARSER_CLEANUP) {
163 /* neither reqeust/response line nor header: string */
164 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to parse headers: unexpected end of input at pos %zu of '%.*s'", buffer->used, (int) buffer->used, buffer->data);
165 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_FAILURE);
166 } else {
167 /* keep feeding */
168 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_KEY);
169 }
170 break;
171 }
172
173 case PHP_HTTP_HEADER_PARSER_STATE_VALUE: {
174 const char *eol_str;
175 int eol_len;
176
177 #define SET_ADD_VAL(slen, eol_len) \
178 do { \
179 const char *ptr = buffer->data; \
180 size_t len = slen; \
181 \
182 while (len > 0 && PHP_HTTP_IS_CTYPE(space, *ptr)) { \
183 ++ptr; \
184 --len; \
185 } \
186 while (len > 0 && PHP_HTTP_IS_CTYPE(space, ptr[len - 1])) { \
187 --len; \
188 } \
189 \
190 if (len > 0) { \
191 if (parser->_val.str) { \
192 parser->_val.str = erealloc(parser->_val.str, parser->_val.len + len + 2); \
193 parser->_val.str[parser->_val.len++] = ' '; \
194 memcpy(&parser->_val.str[parser->_val.len], ptr, len); \
195 parser->_val.len += len; \
196 parser->_val.str[parser->_val.len] = '\0'; \
197 } else { \
198 parser->_val.len = len; \
199 parser->_val.str = estrndup(ptr, len); \
200 } \
201 } \
202 php_http_buffer_cut(buffer, 0, slen + eol_len); \
203 } while (0)
204
205 if ((eol_str = php_http_locate_bin_eol(buffer->data, buffer->used, &eol_len))) {
206 SET_ADD_VAL(eol_str - buffer->data, eol_len);
207 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_VALUE_EX);
208 } else if (flags & PHP_HTTP_HEADER_PARSER_CLEANUP) {
209 if (buffer->used) {
210 SET_ADD_VAL(buffer->used, 0);
211 }
212 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_HEADER_DONE);
213 } else {
214 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_VALUE);
215 }
216 break;
217 }
218
219 case PHP_HTTP_HEADER_PARSER_STATE_VALUE_EX:
220 if (buffer->used && (*buffer->data == ' ' || *buffer->data == '\t')) {
221 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_VALUE);
222 } else if (buffer->used || (flags & PHP_HTTP_HEADER_PARSER_CLEANUP)) {
223 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_HEADER_DONE);
224 } else {
225 /* keep feeding */
226 return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_VALUE_EX);
227 }
228 break;
229
230 case PHP_HTTP_HEADER_PARSER_STATE_HEADER_DONE:
231 if (parser->_key.str && parser->_val.str) {
232 zval array, **exist;
233
234 if (!headers && callback_func) {
235 callback_func(callback_arg, &headers, NULL TSRMLS_CC);
236 }
237
238 INIT_PZVAL_ARRAY(&array, headers);
239 php_http_pretty_key(parser->_key.str, parser->_key.len, 1, 1);
240 if (SUCCESS == zend_symtable_find(headers, parser->_key.str, parser->_key.len + 1, (void *) &exist)) {
241 convert_to_array(*exist);
242 add_next_index_stringl(*exist, parser->_val.str, parser->_val.len, 0);
243 } else {
244 add_assoc_stringl_ex(&array, parser->_key.str, parser->_key.len + 1, parser->_val.str, parser->_val.len, 0);
245 }
246 parser->_val.str = NULL;
247 }
248
249 PTR_SET(parser->_key.str, NULL);
250 PTR_SET(parser->_val.str, NULL);
251
252 php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_KEY);
253 break;
254
255 case PHP_HTTP_HEADER_PARSER_STATE_DONE:
256 return PHP_HTTP_HEADER_PARSER_STATE_DONE;
257 }
258 }
259
260 return php_http_header_parser_state_is(parser);
261 }
262
263 php_http_header_parser_state_t php_http_header_parser_parse_stream(php_http_header_parser_t *parser, php_http_buffer_t *buf, php_stream *s, unsigned flags, HashTable *headers, php_http_info_callback_t callback_func, void *callback_arg)
264 {
265 php_http_message_parser_state_t state = PHP_HTTP_MESSAGE_PARSER_STATE_START;
266 TSRMLS_FETCH_FROM_CTX(parser->ts);
267
268 if (!buf->data) {
269 php_http_buffer_resize_ex(buf, 0x1000, 1, 0);
270 }
271 while (1) {
272 size_t justread = 0;
273 #if DBG_PARSER
274 const char *states[] = {"START", "KEY", "VALUE", "VALUE_EX", "HEADER_DONE", "DONE"};
275 fprintf(stderr, "#SHP: %s (f:%u)\n", states[state], flags);
276 #endif
277 /* resize if needed */
278 if (buf->free < 0x1000) {
279 php_http_buffer_resize_ex(buf, 0x1000, 1, 0);
280 }
281 switch (state) {
282 case PHP_HTTP_HEADER_PARSER_STATE_FAILURE:
283 case PHP_HTTP_HEADER_PARSER_STATE_DONE:
284 return state;
285
286 default:
287 /* read line */
288 php_stream_get_line(s, buf->data + buf->used, buf->free, &justread);
289 /* if we fail reading a whole line, try a single char */
290 if (!justread) {
291 int c = php_stream_getc(s);
292
293 if (c != EOF) {
294 char s[1] = {c};
295 justread = php_http_buffer_append(buf, s, 1);
296 }
297 }
298 php_http_buffer_account(buf, justread);
299 }
300
301 if (justread) {
302 state = php_http_header_parser_parse(parser, buf, flags, headers, callback_func, callback_arg);
303 } else if (php_stream_eof(s)) {
304 return php_http_header_parser_parse(parser, buf, flags | PHP_HTTP_HEADER_PARSER_CLEANUP, headers, callback_func, callback_arg);
305 } else {
306 return state;
307 }
308 }
309
310 return PHP_HTTP_HEADER_PARSER_STATE_DONE;
311 }
312
313 zend_class_entry *php_http_header_parser_class_entry;
314 static zend_object_handlers php_http_header_parser_object_handlers;
315
316 zend_object_value php_http_header_parser_object_new(zend_class_entry *ce TSRMLS_DC)
317 {
318 return php_http_header_parser_object_new_ex(ce, NULL, NULL TSRMLS_CC);
319 }
320
321 zend_object_value php_http_header_parser_object_new_ex(zend_class_entry *ce, php_http_header_parser_t *parser, php_http_header_parser_object_t **ptr TSRMLS_DC)
322 {
323 php_http_header_parser_object_t *o;
324
325 o = ecalloc(1, sizeof(php_http_header_parser_object_t));
326 zend_object_std_init((zend_object *) o, ce TSRMLS_CC);
327 object_properties_init((zend_object *) o, ce);
328
329 if (ptr) {
330 *ptr = o;
331 }
332
333 if (parser) {
334 o->parser = parser;
335 } else {
336 o->parser = php_http_header_parser_init(NULL TSRMLS_CC);
337 }
338 o->buffer = php_http_buffer_new();
339
340 o->zv.handle = zend_objects_store_put((zend_object *) o, NULL, php_http_header_parser_object_free, NULL TSRMLS_CC);
341 o->zv.handlers = &php_http_header_parser_object_handlers;
342
343 return o->zv;
344 }
345
346 void php_http_header_parser_object_free(void *object TSRMLS_DC)
347 {
348 php_http_header_parser_object_t *o = (php_http_header_parser_object_t *) object;
349
350 if (o->parser) {
351 php_http_header_parser_free(&o->parser);
352 }
353 if (o->buffer) {
354 php_http_buffer_free(&o->buffer);
355 }
356 zend_object_std_dtor((zend_object *) o TSRMLS_CC);
357 efree(o);
358 }
359
360 ZEND_BEGIN_ARG_INFO_EX(ai_HttpHeaderParser_getState, 0, 0, 0)
361 ZEND_END_ARG_INFO();
362 static PHP_METHOD(HttpHeaderParser, getState)
363 {
364 php_http_header_parser_object_t *parser_obj = zend_object_store_get_object(getThis() TSRMLS_CC);
365
366 zend_parse_parameters_none();
367 /* always return the real state */
368 RETVAL_LONG(php_http_header_parser_state_is(parser_obj->parser));
369 }
370
371 ZEND_BEGIN_ARG_INFO_EX(ai_HttpHeaderParser_parse, 0, 0, 3)
372 ZEND_ARG_INFO(0, data)
373 ZEND_ARG_INFO(0, flags)
374 ZEND_ARG_ARRAY_INFO(1, headers, 1)
375 ZEND_END_ARG_INFO();
376 static PHP_METHOD(HttpHeaderParser, parse)
377 {
378 php_http_header_parser_object_t *parser_obj;
379 zval *zmsg;
380 char *data_str;
381 int data_len;
382 long flags;
383
384 php_http_expect(SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "slz", &data_str, &data_len, &flags, &zmsg), invalid_arg, return);
385
386 if (Z_TYPE_P(zmsg) != IS_ARRAY) {
387 zval_dtor(zmsg);
388 array_init(zmsg);
389 }
390 parser_obj = zend_object_store_get_object(getThis() TSRMLS_CC);
391 php_http_buffer_append(parser_obj->buffer, data_str, data_len);
392 RETVAL_LONG(php_http_header_parser_parse(parser_obj->parser, parser_obj->buffer, flags, Z_ARRVAL_P(zmsg), NULL, NULL));
393 }
394
395 ZEND_BEGIN_ARG_INFO_EX(ai_HttpHeaderParser_stream, 0, 0, 3)
396 ZEND_ARG_INFO(0, stream)
397 ZEND_ARG_INFO(0, flags)
398 ZEND_ARG_ARRAY_INFO(1, headers, 1)
399 ZEND_END_ARG_INFO();
400 static PHP_METHOD(HttpHeaderParser, stream)
401 {
402 php_http_header_parser_object_t *parser_obj;
403 zend_error_handling zeh;
404 zval *zmsg, *zstream;
405 php_stream *s;
406 long flags;
407
408 php_http_expect(SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlz", &zstream, &flags, &zmsg), invalid_arg, return);
409
410 zend_replace_error_handling(EH_THROW, php_http_exception_unexpected_val_class_entry, &zeh TSRMLS_CC);
411 php_stream_from_zval(s, &zstream);
412 zend_restore_error_handling(&zeh TSRMLS_CC);
413
414 if (Z_TYPE_P(zmsg) != IS_ARRAY) {
415 zval_dtor(zmsg);
416 array_init(zmsg);
417 }
418 parser_obj = zend_object_store_get_object(getThis() TSRMLS_CC);
419 RETVAL_LONG(php_http_header_parser_parse_stream(parser_obj->parser, parser_obj->buffer, s, flags, Z_ARRVAL_P(zmsg), NULL, NULL));
420 }
421
422 static zend_function_entry php_http_header_parser_methods[] = {
423 PHP_ME(HttpHeaderParser, getState, ai_HttpHeaderParser_getState, ZEND_ACC_PUBLIC)
424 PHP_ME(HttpHeaderParser, parse, ai_HttpHeaderParser_parse, ZEND_ACC_PUBLIC)
425 PHP_ME(HttpHeaderParser, stream, ai_HttpHeaderParser_stream, ZEND_ACC_PUBLIC)
426 {NULL, NULL, NULL}
427 };
428
429 PHP_MINIT_FUNCTION(http_header_parser)
430 {
431 zend_class_entry ce;
432
433 INIT_NS_CLASS_ENTRY(ce, "http\\Header", "Parser", php_http_header_parser_methods);
434 php_http_header_parser_class_entry = zend_register_internal_class(&ce TSRMLS_CC);
435 memcpy(&php_http_header_parser_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
436 php_http_header_parser_class_entry->create_object = php_http_header_parser_object_new;
437 php_http_header_parser_object_handlers.clone_obj = NULL;
438
439 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("CLEANUP"), PHP_HTTP_HEADER_PARSER_CLEANUP TSRMLS_CC);
440
441 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_FAILURE"), PHP_HTTP_HEADER_PARSER_STATE_FAILURE TSRMLS_CC);
442 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_START"), PHP_HTTP_HEADER_PARSER_STATE_START TSRMLS_CC);
443 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_KEY"), PHP_HTTP_HEADER_PARSER_STATE_KEY TSRMLS_CC);
444 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_VALUE"), PHP_HTTP_HEADER_PARSER_STATE_VALUE TSRMLS_CC);
445 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_VALUE_EX"), PHP_HTTP_HEADER_PARSER_STATE_VALUE_EX TSRMLS_CC);
446 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_HEADER_DONE"), PHP_HTTP_HEADER_PARSER_STATE_HEADER_DONE TSRMLS_CC);
447 zend_declare_class_constant_long(php_http_header_parser_class_entry, ZEND_STRL("STATE_DONE"), PHP_HTTP_HEADER_PARSER_STATE_DONE TSRMLS_CC);
448
449 return SUCCESS;
450 }
451
452 /*
453 * Local variables:
454 * tab-width: 4
455 * c-basic-offset: 4
456 * End:
457 * vim600: noet sw=4 ts=4 fdm=marker
458 * vim<600: noet sw=4 ts=4
459 */
460
Extended HTTP Support