X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=http_encoding_api.c;h=9475a176b86c47cf1ee653c581b1234faeb415af;hp=d1ce3da984441d1a839590c642aa6ed68c9433ed;hb=fa542affedb0fe8ff87b1f5b6734d6612c63987f;hpb=2b1bdfab2a6402e4daec69f6b7c395b0662e18d7

diff --git a/http_encoding_api.c b/http_encoding_api.c
index d1ce3da..9475a17 100644
--- a/http_encoding_api.c
+++ b/http_encoding_api.c
@@ -1,16 +1,13 @@
 /*
-   +----------------------------------------------------------------------+
-   | PECL :: http                                                         |
-   +----------------------------------------------------------------------+
-   | This source file is subject to version 3.0 of the PHP license, that  |
-   | is bundled with this package in the file LICENSE, and is available   |
-   | through the world-wide-web at http://www.php.net/license/3_0.txt.    |
-   | If you did not receive a copy of the PHP license and are unable to   |
-   | obtain it through the world-wide-web, please send a note to          |
-   | license@php.net so we can mail you a copy immediately.               |
-   +----------------------------------------------------------------------+
-   | Copyright (c) 2004-2005 Michael Wallner <mike@php.net>               |
-   +----------------------------------------------------------------------+
+    +--------------------------------------------------------------------+
+    | PECL :: http                                                       |
+    +--------------------------------------------------------------------+
+    | Redistribution and use in source and binary forms, with or without |
+    | modification, are permitted provided that the conditions mentioned |
+    | in the accompanying LICENSE file are met.                          |
+    +--------------------------------------------------------------------+
+    | Copyright (c) 2004-2005, Michael Wallner <mike@php.net>            |
+    +--------------------------------------------------------------------+
 */
 
 /* $Id$ */
@@ -32,66 +29,86 @@
 
 ZEND_EXTERN_MODULE_GLOBALS(http);
 
+static inline int eol_match(char **line, int *eol_len)
+{
+	char *ptr = *line;
+	
+	while (0x20 == *ptr) ++ptr;
+
+	if (ptr == http_locate_eol(*line, eol_len)) {
+		*line = ptr;
+		return 1;
+	} else {
+		return 0;
+	}
+}
+			
 /* {{{ char *http_encoding_dechunk(char *, size_t, char **, size_t *) */
 PHP_HTTP_API const char *_http_encoding_dechunk(const char *encoded, size_t encoded_len, char **decoded, size_t *decoded_len TSRMLS_DC)
 {
-	const char *e_ptr;
-	char *d_ptr;
-	long rest;
+	int eol_len = 0;
+	char *n_ptr = NULL;
+	const char *e_ptr = encoded;
 	
 	*decoded_len = 0;
 	*decoded = ecalloc(1, encoded_len);
-	d_ptr = *decoded;
-	e_ptr = encoded;
-
-	while ((rest = encoded + encoded_len - e_ptr) > 0) {
-		long chunk_len = 0;
-		int EOL_len = 0, eol_mismatch = 0;
-		char *n_ptr;
-
-		chunk_len = strtol(e_ptr, &n_ptr, 16);
-
-		/* check if:
-		 * - we could not read in chunk size
-		 * - we got a negative chunk size
-		 * - chunk size is greater then remaining size
-		 * - chunk size is not followed by (CR)LF|NUL
-		 */
-		if (	(n_ptr == e_ptr) ||	(chunk_len < 0) || (chunk_len > rest) || 
-				(*n_ptr && (eol_mismatch = (n_ptr != http_locate_eol(e_ptr, &EOL_len))))) {
-			/* don't fail on apperently not encoded data */
+
+	while ((encoded + encoded_len - e_ptr) > 0) {
+		ulong chunk_len = 0, rest;
+
+		chunk_len = strtoul(e_ptr, &n_ptr, 16);
+
+		/* we could not read in chunk size */
+		if (n_ptr == e_ptr) {
+			/*
+			 * if this is the first turn and there doesn't seem to be a chunk
+			 * size at the begining of the body, do not fail on apparently
+			 * not encoded data and return a copy
+			 */
 			if (e_ptr == encoded) {
+				http_error(HE_NOTICE, HTTP_E_ENCODING, "Data does not seem to be chunked encoded");
 				memcpy(*decoded, encoded, encoded_len);
 				*decoded_len = encoded_len;
 				return encoded + encoded_len;
 			} else {
 				efree(*decoded);
-				if (eol_mismatch) {
-					if (EOL_len == 2) {
-						http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid character (expected 0x0D 0x0A; got: 0x%X 0x%X)", *n_ptr, *(n_ptr + 1));
-					} else {
-						http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid character (expected 0x0A; got: 0x%X)", *n_ptr);
-					}
-				} else {
-					char *error = estrndup(n_ptr, strcspn(n_ptr, "\r\n "));
-					http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Invalid chunk size: '%s' at pos %d", error, n_ptr - encoded);
-					efree(error);
-				}
+				http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Expected chunk size at pos %tu of %zu but got trash", n_ptr - encoded, encoded_len);
 				return NULL;
 			}
-		} else {
-			e_ptr = n_ptr;
 		}
-
+		
 		/* reached the end */
 		if (!chunk_len) {
 			break;
 		}
 
-		memcpy(d_ptr, e_ptr += EOL_len, chunk_len);
-		d_ptr += chunk_len;
-		e_ptr += chunk_len + EOL_len;
+		/* there should be CRLF after the chunk size, but we'll ignore SP+ too */
+		if (*n_ptr && !eol_match(&n_ptr, &eol_len)) {
+			if (eol_len == 2) {
+				http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Expected CRLF at pos %tu of %zu but got 0x%02X 0x%02X", n_ptr - encoded, encoded_len, *n_ptr, *(n_ptr + 1));
+			} else {
+				http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Expected LF at pos %tu of %zu but got 0x%02X", n_ptr - encoded, encoded_len, *n_ptr);
+			}
+		}
+		n_ptr += eol_len;
+		
+		/* chunk size pretends more data than we actually got, so it's probably a truncated message */
+		if (chunk_len > (rest = encoded + encoded_len - n_ptr)) {
+			http_error_ex(HE_WARNING, HTTP_E_ENCODING, "Truncated message: chunk size %lu exceeds remaining data size %lu at pos %tu of %zu", chunk_len, rest, n_ptr - encoded, encoded_len);
+			chunk_len = rest;
+		}
+
+		/* copy the chunk */
+		memcpy(*decoded + *decoded_len, n_ptr, chunk_len);
 		*decoded_len += chunk_len;
+		
+		if (chunk_len == rest) {
+			e_ptr = n_ptr + chunk_len;
+			break;
+		} else {
+			/* advance to next chunk */
+			e_ptr = n_ptr + chunk_len + eol_len;
+		}
 	}
 
 	return e_ptr;
@@ -126,7 +143,7 @@ inline void http_init_gzencode_buffer(z_stream *Z, const char *data, size_t data
 	*buf_ptr = emalloc(HTTP_ENCODING_BUFLEN(data_len) + sizeof(http_encoding_gzip_header) + HTTP_ENCODING_SAFPAD);
 	memcpy(*buf_ptr, http_encoding_gzip_header, sizeof(http_encoding_gzip_header));
 	
-	Z->next_out = *buf_ptr + sizeof(http_encoding_gzip_header);
+	Z->next_out = (Bytef *) *buf_ptr + sizeof(http_encoding_gzip_header);
 }
 
 inline void http_init_deflate_buffer(z_stream *Z, const char *data, size_t data_len, char **buf_ptr)
@@ -141,7 +158,7 @@ inline void http_init_deflate_buffer(z_stream *Z, const char *data, size_t data_
 	Z->avail_out = HTTP_ENCODING_BUFLEN(data_len) - 1;
 	Z->next_out  = emalloc(HTTP_ENCODING_BUFLEN(data_len));
 	
-	*buf_ptr = Z->next_out;
+	*buf_ptr = (char *) Z->next_out;
 }
 
 inline void http_init_uncompress_buffer(size_t data_len, char **buf_ptr, size_t *buf_len, int *iteration)
@@ -172,7 +189,7 @@ inline void http_init_inflate_buffer(z_stream *Z, const char *data, size_t data_
 	Z->next_in   = (Bytef *) data;
 	Z->avail_in  = data_len;
 	Z->avail_out = *buf_len;
-	Z->next_out  = *buf_ptr;
+	Z->next_out  = (Bytef *) *buf_ptr;
 }
 
 inline size_t http_finish_buffer(size_t buf_len, char **buf_ptr)
@@ -183,7 +200,7 @@ inline size_t http_finish_buffer(size_t buf_len, char **buf_ptr)
 
 inline size_t http_finish_gzencode_buffer(z_stream *Z, const char *data, size_t data_len, char **buf_ptr)
 {
-	unsigned long crc;
+	ulong crc;
 	char *trailer;
 	
 	crc = crc32(0L, Z_NULL, 0);
@@ -251,13 +268,13 @@ inline STATUS http_verify_gzencode_buffer(const char *data, size_t data_len, con
 		if (data_len <= offset) {
 			goto really_bad_gzip_header;
 		} else {
-			unsigned long crc, cmp;
+			ulong crc, cmp;
 			
 			cmp =  (unsigned) ((data[offset-2] & 0xFF));
 			cmp += (unsigned) ((data[offset-1] & 0xFF) << 8);
 			
 			crc = crc32(0L, Z_NULL, 0);
-			crc = crc32(crc, data, sizeof(http_encoding_gzip_header));
+			crc = crc32(crc, (const Bytef *) data, sizeof(http_encoding_gzip_header));
 			
 			if (cmp != (crc & 0xFFFF)) {
 				http_error_ex(error_level TSRMLS_CC, HTTP_E_ENCODING, "GZIP headers CRC checksums so not match (%lu, %lu)", cmp, crc & 0xFFFF);
@@ -288,7 +305,7 @@ really_bad_gzip_header:
 inline STATUS http_verify_gzdecode_buffer(const char *data, size_t data_len, const char *decoded, size_t decoded_len, int error_level TSRMLS_DC)
 {
 	STATUS status = SUCCESS;
-	unsigned long len, cmp, crc;
+	ulong len, cmp, crc;
 	
 	crc = crc32(0L, Z_NULL, 0);
 	crc = crc32(crc, (const Bytef *) decoded, decoded_len);
@@ -422,7 +439,7 @@ PHP_HTTP_API STATUS _http_encoding_compress(int level, const char *data, size_t
 	
 	*encoded = emalloc(*encoded_len = HTTP_ENCODING_BUFLEN(data_len));
 	
-	if (Z_OK == (status = compress2(*encoded, encoded_len, data, data_len, level))) {
+	if (Z_OK == (status = compress2((Bytef *) *encoded, (uLongf *) encoded_len, (const Bytef *) data, data_len, level))) {
 		http_finish_buffer(*encoded_len, encoded);
 		return SUCCESS;
 	}
@@ -476,7 +493,7 @@ PHP_HTTP_API STATUS _http_encoding_uncompress(const char *data, size_t data_len,
 	
 	do {
 		http_init_uncompress_buffer(data_len, decoded, decoded_len, &max);
-		if (Z_OK == (status = uncompress(*decoded, decoded_len, data, data_len))) {
+		if (Z_OK == (status = uncompress((Bytef *) *decoded, (uLongf *) decoded_len, (const Bytef *) data, data_len))) {
 			http_finish_buffer(*decoded_len, decoded);
 			return SUCCESS;
 		}
@@ -503,7 +520,7 @@ PHP_HTTP_API STATUS _http_encoding_stream_init(http_encoding_stream *s, int gzip
 		HTTP_ENCODING_STREAM_ERROR(status, NULL);
 	}
 	
-	if (s->gzip = gzip) {
+	if ((s->gzip = gzip)) {
 		s->crc = crc32(0L, Z_NULL, 0);
 		*encoded_len = sizeof(http_encoding_gzip_header);
 		*encoded = emalloc(*encoded_len);
@@ -525,7 +542,7 @@ PHP_HTTP_API STATUS _http_encoding_stream_update(http_encoding_stream *s, const
 	
 	s->Z.next_in = (Bytef *) data;
 	s->Z.avail_in = data_len;
-	s->Z.next_out = *encoded;
+	s->Z.next_out = (Bytef *) *encoded;
 	s->Z.avail_out = *encoded_len;
 	
 	status = deflate(&s->Z, Z_SYNC_FLUSH);
@@ -549,7 +566,7 @@ PHP_HTTP_API STATUS _http_encoding_stream_finish(http_encoding_stream *s, char *
 	*encoded_len = 1024;
 	*encoded = emalloc(*encoded_len);
 	
-	s->Z.next_out = *encoded;
+	s->Z.next_out = (Bytef *) *encoded;
 	s->Z.avail_out = *encoded_len;
 	
 	if (Z_STREAM_END != (status = deflate(&s->Z, Z_FINISH)) || Z_OK != (status = deflateEnd(&s->Z))) {
@@ -587,7 +604,7 @@ PHP_HTTP_API zend_bool _http_encoding_response_start(size_t content_length TSRML
 			if (content_length) {
 				char cl_header_str[128];
 				size_t cl_header_len;
-				cl_header_len = snprintf(cl_header_str, lenof(cl_header_str), "Content-Length: %lu", (unsigned long) content_length);
+				cl_header_len = snprintf(cl_header_str, lenof(cl_header_str), "Content-Length: %zu", content_length);
 				http_send_header_string_ex(cl_header_str, cl_header_len, 1);
 			}
 		} else {
@@ -605,7 +622,7 @@ PHP_HTTP_API zend_bool _http_encoding_response_start(size_t content_length TSRML
 			
 			HTTP_G(send).gzip_encoding = 0;
 			
-			if (selected = http_negotiate_encoding(&zsupported)) {
+			if ((selected = http_negotiate_encoding(&zsupported))) {
 				STATUS hs = FAILURE;
 				char *encoding = NULL;
 				ulong idx;