Fix gh-issue #2: comparison of obsolete pointers in the header parser

Closes #2.

The eol_str pointer could become obsolete due to later usage of
php_http_buffer_fix and render the result of arithmetics against the
changed buffer->data pointer useless or harmgful.

Thanks @xiaoyjy.

diff --git a/package.xml b/package.xml
index 875d8ecbff7ce8c372ccb357813d75fcff0bd3e7..1f22d38911ca8ab9d9d72f67b8e4543aa25329a0 100644 (file)
--- a/package.xml
+++ b/package.xml
@@ -47,6 +47,7 @@ http://dev.iworks.at/ext-http/lcov/ext/http/
  <license>BSD, revised</license>
  <notes><![CDATA[
 * Fixed VC11 build (Jan Erhardt)
+* Fixed gh-issue #2: comparison of obsolete pointers in the header parser (xiaoyjy)
 ]]></notes>
  <contents>
   <dir name="/">

diff --git a/php_http_header_parser.c b/php_http_header_parser.c
index 2fbcb9394dbae1f5cd8761468ae4ff7799f988f4..46551e21248959c67a7aa7d915885a6ec9d1e050 100644 (file)
--- a/php_http_header_parser.c
+++ b/php_http_header_parser.c
@@ -146,11 +146,14 @@ php_http_header_parser_state_t php_http_header_parser_parse(php_http_header_pars
                                const char *colon, *eol_str = NULL;
                                int eol_len = 0;
 
+                               /* fix buffer here, so eol_str pointer doesn't become obsolete afterwards */
+                               php_http_buffer_fix(buffer);
+
                                if (buffer->data == (eol_str = php_http_locate_bin_eol(buffer->data, buffer->used, &eol_len))) {
                                        /* end of headers */
                                        php_http_buffer_cut(buffer, 0, eol_len);
                                        php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_DONE);
-                               } else if (php_http_info_parse(&parser->info, php_http_buffer_fix(buffer)->data TSRMLS_CC)) {
+                               } else if (php_http_info_parse(&parser->info, buffer->data TSRMLS_CC)) {
                                        /* new message starting with request/response line */
                                        if (callback_func) {
                                                callback_func(callback_arg, &headers, &parser->info TSRMLS_CC);
@@ -176,7 +179,6 @@ php_http_header_parser_state_t php_http_header_parser_parse(php_http_header_pars
                                        php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_VALUE);
                                } else if (eol_str || (flags & PHP_HTTP_HEADER_PARSER_CLEANUP)) {
                                        /* neither reqeust/response line nor 'header:' string, or injected new line or NUL etc. */
-                                       php_http_buffer_fix(buffer);
                                        php_http_header_parser_error(strspn(buffer->data, PHP_HTTP_HEADER_NAME_CHARS), buffer->data, buffer->used, eol_str TSRMLS_CC);
                                        return php_http_header_parser_state_push(parser, 1, PHP_HTTP_HEADER_PARSER_STATE_FAILURE);
                                } else {