X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=http_encoding_api.c;h=47f01ddd24859ec9550d7e6fa54642dcf141f307;hp=67c27a109477b7dadb729be4347bbd661191eee7;hb=f6a58b4f97105ba3c3177116c18672f1b8ba4179;hpb=9d4113f62a7a8fe2fe3879b94a3712d11cec8726 diff --git a/http_encoding_api.c b/http_encoding_api.c index 67c27a1..47f01dd 100644 --- a/http_encoding_api.c +++ b/http_encoding_api.c @@ -24,14 +24,80 @@ #include "php_http.h" #include "php_http_api.h" +ZEND_EXTERN_MODULE_GLOBALS(http); + +/* {{{ char *http_encoding_dechunk(char *, size_t, char **, size_t *) */ +PHP_HTTP_API const char *_http_encoding_dechunk(const char *encoded, size_t encoded_len, char **decoded, size_t *decoded_len TSRMLS_DC) +{ + const char *e_ptr; + char *d_ptr; + long rest; + + *decoded_len = 0; + *decoded = ecalloc(1, encoded_len); + d_ptr = *decoded; + e_ptr = encoded; + + while ((rest = encoded + encoded_len - e_ptr) > 0) { + long chunk_len = 0; + int EOL_len = 0, eol_mismatch = 0; + char *n_ptr; + + chunk_len = strtol(e_ptr, &n_ptr, 16); + + /* check if: + * - we could not read in chunk size + * - we got a negative chunk size + * - chunk size is greater then remaining size + * - chunk size is not followed by (CR)LF|NUL + */ + if ( (n_ptr == e_ptr) || (chunk_len < 0) || (chunk_len > rest) || + (*n_ptr && (eol_mismatch = (n_ptr != http_locate_eol(e_ptr, &EOL_len))))) { + /* don't fail on apperently not encoded data */ + if (e_ptr == encoded) { + memcpy(*decoded, encoded, encoded_len); + *decoded_len = encoded_len; + return encoded + encoded_len; + } else { + efree(*decoded); + if (eol_mismatch) { + if (EOL_len == 2) { + http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid character (expected 0x0D 0x0A; got: 0x%X 0x%X)", *n_ptr, *(n_ptr + 1)); + } else { + http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid character (expected 0x0A; got: 0x%X)", *n_ptr); + } + } else { + char *error = estrndup(n_ptr, strcspn(n_ptr, "\r\n ")); + http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid chunk size: '%s' at pos %d", error, n_ptr - encoded); + efree(error); + } + return NULL; + } + } else { + e_ptr = n_ptr; + } + + /* reached the end */ + if (!chunk_len) { + break; + } + + memcpy(d_ptr, e_ptr += EOL_len, chunk_len); + d_ptr += chunk_len; + e_ptr += chunk_len + EOL_len; + *decoded_len += chunk_len; + } + + return e_ptr; +} +/* }}} */ + #ifdef HTTP_HAVE_ZLIB #include #define HTTP_GZMAXTRY 10 #define HTTP_GZBUFLEN(l) (l + (l / 1000) + 16 + 1) -ZEND_EXTERN_MODULE_GLOBALS(http); - static const char http_gzencode_header[] = { (const char) 0x1f, (const char) 0x8b, @@ -194,9 +260,9 @@ PHP_HTTP_API STATUS _http_encoding_gzdecode(const char *data, size_t data_len, c cmp += (unsigned) (data[data_len-6] << 16); cmp += (unsigned) (data[data_len-5] << 24); len = (unsigned) (data[data_len-4]); - len += (unsigned) (data[data_len-4] << 8); - len += (unsigned) (data[data_len-4] << 16); - len += (unsigned) (data[data_len-4] << 24); + len += (unsigned) (data[data_len-3] << 8); + len += (unsigned) (data[data_len-2] << 16); + len += (unsigned) (data[data_len-1] << 24); if (cmp != crc) { http_error(HE_NOTICE, HTTP_E_ENCODING, "Could not verify data integrity: CRC check failed");