X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=php_http_info.c;h=6eef822707c1bfa6082672be7a91762e31ee094e;hp=2c0f11474b810886962de0861ac6ea25da8e9c5c;hb=4bf1b4570329514fa00dc68c6e02f581c3792d73;hpb=498493b4cb032edc2ec5b8baa51bebf70ad77d6a

diff --git a/php_http_info.c b/php_http_info.c
index 2c0f114..6eef822 100644
--- a/php_http_info.c
+++ b/php_http_info.c
@@ -12,7 +12,7 @@
 
 #include "php_http_api.h"
 
-php_http_info_t *php_http_info_init(php_http_info_t *i TSRMLS_DC)
+php_http_info_t *php_http_info_init(php_http_info_t *i)
 {
 	if (!i) {
 		i = emalloc(sizeof(*i));
@@ -49,7 +49,7 @@ void php_http_info_free(php_http_info_t **i)
 	}
 }
 
-php_http_info_t *php_http_info_parse(php_http_info_t *info, const char *pre_header TSRMLS_DC)
+php_http_info_t *php_http_info_parse(php_http_info_t *info, const char *pre_header)
 {
 	const char *end, *http;
 	zend_bool free_info = !info;
@@ -69,10 +69,10 @@ php_http_info_t *php_http_info_parse(php_http_info_t *info, const char *pre_head
 		return NULL;
 	}
 	
-	info = php_http_info_init(info TSRMLS_CC);
+	info = php_http_info_init(info);
 
 	/* and nothing than SPACE or NUL after HTTP/X.x */
-	if (!php_http_version_parse(&info->http.version, http TSRMLS_CC)
+	if (!php_http_version_parse(&info->http.version, http)
 	||	(http[lenof("HTTP/X.x")] && (!PHP_HTTP_IS_CTYPE(space, http[lenof("HTTP/X.x")])))) {
 		if (free_info) {
 			php_http_info_free(&info);
@@ -90,13 +90,22 @@ php_http_info_t *php_http_info_parse(php_http_info_t *info, const char *pre_head
 
 	/* is response */
 	if (pre_header == http) {
-		char *status = NULL;
-		const char *code = http + sizeof("HTTP/X.x");
+		const char *status = NULL, *code = http + sizeof("HTTP/X.x");
 		
 		info->type = PHP_HTTP_RESPONSE;
-		while (' ' == *code) ++code;
+		while (code < end && ' ' == *code) ++code;
 		if (code && end > code) {
-			PHP_HTTP_INFO(info).response.code = strtol(code, &status, 10);
+			/* rfc7230#3.1.2 The status-code element is a 3-digit integer code */
+			PHP_HTTP_INFO(info).response.code = 100*(*code++ - '0');
+			PHP_HTTP_INFO(info).response.code += 10*(*code++ - '0');
+			PHP_HTTP_INFO(info).response.code +=     *code++ - '0';
+			if (PHP_HTTP_INFO(info).response.code < 100 || PHP_HTTP_INFO(info).response.code > 599) {
+				if (free_info) {
+					php_http_info_free(&info);
+				}
+				return NULL;
+			}
+			status = code;
 		} else {
 			PHP_HTTP_INFO(info).response.code = 0;
 		}
@@ -116,11 +125,24 @@ php_http_info_t *php_http_info_parse(php_http_info_t *info, const char *pre_head
 		
 		info->type = PHP_HTTP_REQUEST;
 		if (url && http > url) {
-			PHP_HTTP_INFO(info).request.method = estrndup(pre_header, url - pre_header);
+			size_t url_len = url - pre_header;
+
+			PHP_HTTP_INFO(info).request.method = estrndup(pre_header, url_len);
+
 			while (' ' == *url) ++url;
 			while (' ' == *(http-1)) --http;
+
 			if (http > url) {
-				PHP_HTTP_INFO(info).request.url = php_http_url_parse(url, http - url, ~0 TSRMLS_CC);
+				/* CONNECT presents an authority only */
+				if (strcasecmp(PHP_HTTP_INFO(info).request.method, "CONNECT")) {
+					PHP_HTTP_INFO(info).request.url = php_http_url_parse(url, http - url, ~0);
+				} else {
+					PHP_HTTP_INFO(info).request.url = php_http_url_parse_authority(url, http - url, ~0);
+				}
+				if (!PHP_HTTP_INFO(info).request.url) {
+					PTR_SET(PHP_HTTP_INFO(info).request.method, NULL);
+					return NULL;
+				}
 			} else {
 				PTR_SET(PHP_HTTP_INFO(info).request.method, NULL);
 				return NULL;