X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=http_api.c;h=18b14e2cf1265803f1068167e21f9169f6dfb7ce;hp=8ba8259b56dcee449c9cf5c4dbce5bb5e3d20dd8;hb=2269e8e11a6837fc165ae85406ea6db84c1995cc;hpb=4f5d70d375dac27459a80c1e5271697c1f46c675 diff --git a/http_api.c b/http_api.c index 8ba8259..18b14e2 100644 --- a/http_api.c +++ b/http_api.c @@ -145,21 +145,32 @@ PHP_HTTP_API const char *_http_chunked_decode(const char *encoded, size_t encode e_ptr = encoded; while (((e_ptr - encoded) - encoded_len) > 0) { + int no_crlf = 0; char *n_ptr; size_t chunk_len = 0; chunk_len = strtol(e_ptr, &n_ptr, 16); - if (n_ptr == e_ptr) { + /* check if: + * - we could not read in chunk size + * - chunk size is not followed by HTTP_CRLF|NUL + */ + if ((n_ptr == e_ptr) || (*n_ptr && (no_crlf = strncmp(n_ptr, HTTP_CRLF, lenof(HTTP_CRLF))))) { /* don't fail on apperently not encoded data */ if (e_ptr == encoded) { memcpy(*decoded, encoded, encoded_len); *decoded_len = encoded_len; return encoded + encoded_len; } else { - char *error = estrndup(n_ptr, strcspn(n_ptr, "\r\n \0")); - http_error_ex(E_WARNING, HTTP_E_PARSE, "Invalid chunk size: '%s' at pos %d", error, n_ptr - encoded); - efree(error); + efree(*decoded); + if (no_crlf) { + http_error_ex(E_WARNING, HTTP_E_PARSE, "Invalid character (expected 0x0D 0x0A; got: 0x%x 0x%x)", *n_ptr, *(n_ptr + 1)); + } else { + char *error = estrndup(n_ptr, strcspn(n_ptr, "\r\n \0")); + http_error_ex(E_WARNING, HTTP_E_PARSE, "Invalid chunk size: '%s' at pos %d", error, n_ptr - encoded); + efree(error); + } + return NULL; } } else { @@ -171,14 +182,6 @@ PHP_HTTP_API const char *_http_chunked_decode(const char *encoded, size_t encode break; } - /* new line */ - if (strncmp(e_ptr, HTTP_CRLF, 2)) { - http_error_ex(E_WARNING, HTTP_E_PARSE, - "Invalid character (expected 0x0D 0x0A; got: 0x%x 0x%x)", *e_ptr, *(e_ptr + 1)); - efree(*decoded); - return NULL; - } - memcpy(d_ptr, e_ptr += 2, chunk_len); d_ptr += chunk_len; e_ptr += chunk_len + 2;