X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=http_encoding_api.c;h=69b6721bdc4df0fb76d9fce2a419052a49d19ef5;hp=67c27a109477b7dadb729be4347bbd661191eee7;hb=d2d92ed054055987568b9c1b205b558ab8937ed4;hpb=9d4113f62a7a8fe2fe3879b94a3712d11cec8726 diff --git a/http_encoding_api.c b/http_encoding_api.c index 67c27a1..69b6721 100644 --- a/http_encoding_api.c +++ b/http_encoding_api.c @@ -24,13 +24,83 @@ #include "php_http.h" #include "php_http_api.h" +ZEND_EXTERN_MODULE_GLOBALS(http); + +/* {{{ char *http_encoding_dechunk(char *, size_t, char **, size_t *) */ +PHP_HTTP_API const char *_http_encoding_dechunk(const char *encoded, size_t encoded_len, char **decoded, size_t *decoded_len TSRMLS_DC) +{ + const char *e_ptr; + char *d_ptr; + long rest; + + *decoded_len = 0; + *decoded = ecalloc(1, encoded_len); + d_ptr = *decoded; + e_ptr = encoded; + + while ((rest = encoded + encoded_len - e_ptr) > 0) { + long chunk_len = 0; + int EOL_len = 0, eol_mismatch = 0; + char *n_ptr; + + chunk_len = strtol(e_ptr, &n_ptr, 16); + + /* check if: + * - we could not read in chunk size + * - we got a negative chunk size + * - chunk size is greater then remaining size + * - chunk size is not followed by (CR)LF|NUL + */ + if ( (n_ptr == e_ptr) || (chunk_len < 0) || (chunk_len > rest) || + (*n_ptr && (eol_mismatch = (n_ptr != http_locate_eol(e_ptr, &EOL_len))))) { + /* don't fail on apperently not encoded data */ + if (e_ptr == encoded) { + memcpy(*decoded, encoded, encoded_len); + *decoded_len = encoded_len; + return encoded + encoded_len; + } else { + efree(*decoded); + if (eol_mismatch) { + if (EOL_len == 2) { + http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid character (expected 0x0D 0x0A; got: 0x%X 0x%X)", *n_ptr, *(n_ptr + 1)); + } else { + http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid character (expected 0x0A; got: 0x%X)", *n_ptr); + } + } else { + char *error = estrndup(n_ptr, strcspn(n_ptr, "\r\n ")); + http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid chunk size: '%s' at pos %d", error, n_ptr - encoded); + efree(error); + } + return NULL; + } + } else { + e_ptr = n_ptr; + } + + /* reached the end */ + if (!chunk_len) { + break; + } + + memcpy(d_ptr, e_ptr += EOL_len, chunk_len); + d_ptr += chunk_len; + e_ptr += chunk_len + EOL_len; + *decoded_len += chunk_len; + } + + return e_ptr; +} +/* }}} */ + #ifdef HTTP_HAVE_ZLIB #include +/* max count of uncompress trials, alloc_size <<= 2 for each try */ #define HTTP_GZMAXTRY 10 -#define HTTP_GZBUFLEN(l) (l + (l / 1000) + 16 + 1) - -ZEND_EXTERN_MODULE_GLOBALS(http); +/* safe padding */ +#define HTTP_GZSAFPAD 10 +/* add 1% extra space in case we need to encode widely differing (binary) data */ +#define HTTP_GZBUFLEN(l) (l + (l / 100) + HTTP_GZSAFPAD) static const char http_gzencode_header[] = { (const char) 0x1f, @@ -48,9 +118,9 @@ inline void http_init_gzencode_buffer(z_stream *Z, const char *data, size_t data Z->next_in = (Bytef *) data; Z->avail_in = data_len; - Z->avail_out = HTTP_GZBUFLEN(data_len) - 1; + Z->avail_out = HTTP_GZBUFLEN(data_len) + HTTP_GZSAFPAD - 1; - *buf_ptr = emalloc(Z->avail_out + sizeof(http_gzencode_header)); + *buf_ptr = emalloc(HTTP_GZBUFLEN(data_len) + sizeof(http_gzencode_header) + HTTP_GZSAFPAD); memcpy(*buf_ptr, http_gzencode_header, sizeof(http_gzencode_header)); Z->next_out = *buf_ptr + sizeof(http_gzencode_header); @@ -62,11 +132,11 @@ inline void http_init_deflate_buffer(z_stream *Z, const char *data, size_t data_ Z->zfree = Z_NULL; Z->opaque = Z_NULL; - Z->data_type = Z_ASCII; + Z->data_type = Z_UNKNOWN; Z->next_in = (Bytef *) data; Z->avail_in = data_len; Z->avail_out = HTTP_GZBUFLEN(data_len) - 1; - Z->next_out = emalloc(Z->avail_out); + Z->next_out = emalloc(HTTP_GZBUFLEN(data_len)); *buf_ptr = Z->next_out; } @@ -106,15 +176,15 @@ inline size_t http_finish_gzencode_buffer(z_stream *Z, const char *data, size_t trailer = *buf_ptr + sizeof(http_gzencode_header) + Z->total_out; - /* write crc & stream.total_in in LSB order */ - trailer[0] = (char) crc & 0xFF; - trailer[1] = (char) (crc >> 8) & 0xFF; - trailer[2] = (char) (crc >> 16) & 0xFF; - trailer[3] = (char) (crc >> 24) & 0xFF; - trailer[4] = (char) (Z->total_in) & 0xFF; - trailer[5] = (char) (Z->total_in >> 8) & 0xFF; - trailer[6] = (char) (Z->total_in >> 16) & 0xFF; - trailer[7] = (char) (Z->total_in >> 24) & 0xFF; + /* LSB */ + trailer[0] = (char) (crc & 0xFF); + trailer[1] = (char) ((crc >> 8) & 0xFF); + trailer[2] = (char) ((crc >> 16) & 0xFF); + trailer[3] = (char) ((crc >> 24) & 0xFF); + trailer[4] = (char) ((Z->total_in) & 0xFF); + trailer[5] = (char) ((Z->total_in >> 8) & 0xFF); + trailer[6] = (char) ((Z->total_in >> 16) & 0xFF); + trailer[7] = (char) ((Z->total_in >> 24) & 0xFF); return http_finish_buffer(Z->total_out + sizeof(http_gzencode_header) + 8, buf_ptr); } @@ -187,22 +257,22 @@ PHP_HTTP_API STATUS _http_encoding_gzdecode(const char *data, size_t data_len, c if (SUCCESS == http_encoding_inflate(encoded, encoded_len, decoded, decoded_len)) { unsigned long len = 0, cmp = 0, crc = crc32(0L, Z_NULL, 0); - crc = crc32(crc, *decoded, *decoded_len); + crc = crc32(crc, (const Bytef *) *decoded, *decoded_len); - cmp = (unsigned) (data[data_len-8]); - cmp += (unsigned) (data[data_len-7] << 8); - cmp += (unsigned) (data[data_len-6] << 16); - cmp += (unsigned) (data[data_len-5] << 24); - len = (unsigned) (data[data_len-4]); - len += (unsigned) (data[data_len-4] << 8); - len += (unsigned) (data[data_len-4] << 16); - len += (unsigned) (data[data_len-4] << 24); + cmp = (unsigned) ((data[data_len-8] & 0xFF)); + cmp += (unsigned) ((data[data_len-7] & 0xFF) << 8); + cmp += (unsigned) ((data[data_len-6] & 0xFF) << 16); + cmp += (unsigned) ((data[data_len-5] & 0xFF) << 24); + len = (unsigned) ((data[data_len-4] & 0xFF)); + len += (unsigned) ((data[data_len-3] & 0xFF) << 8); + len += (unsigned) ((data[data_len-2] & 0xFF) << 16); + len += (unsigned) ((data[data_len-1] & 0xFF) << 24); if (cmp != crc) { - http_error(HE_NOTICE, HTTP_E_ENCODING, "Could not verify data integrity: CRC check failed"); + http_error_ex(HE_NOTICE, HTTP_E_ENCODING, "Could not verify data integrity: CRC checksums do not match (%lu, %lu)", cmp, crc); } if (len != *decoded_len) { - http_error(HE_NOTICE, HTTP_E_ENCODING, "Could not verify data integrity: data length check failed"); + http_error_ex(HE_NOTICE, HTTP_E_ENCODING, "Could not verify data integrity: data sizes do not match (%lu, %lu)", len, *decoded_len); } return SUCCESS;