content range has precendence; fix bug to detect max length
authorMichael Wallner <mike@php.net>
Thu, 12 Feb 2015 21:51:44 +0000 (22:51 +0100)
committerMichael Wallner <mike@php.net>
Thu, 12 Feb 2015 21:51:44 +0000 (22:51 +0100)
php_http_message_parser.c

index 57805eccc396267785b3efdc65f104f7003f7cf8..086ce0ce5b28c3726a88d05f00c47cfe2ff799fc 100644 (file)
@@ -320,30 +320,13 @@ php_http_message_parser_state_t php_http_message_parser_parse(php_http_message_p
                                                }
                                        }
 
-                                       if (h_cl) {
-                                               char *stop;
-
-                                               if (Z_TYPE_PP(h_cl) == IS_STRING) {
-                                                       parser->body_length = strtoul(Z_STRVAL_PP(h_cl), &stop, 10);
-
-                                                       if (stop != Z_STRVAL_PP(h_cl)) {
-                                                               php_http_message_parser_state_push(parser, 1, !parser->body_length?PHP_HTTP_MESSAGE_PARSER_STATE_BODY_DONE:PHP_HTTP_MESSAGE_PARSER_STATE_BODY_LENGTH);
-                                                               break;
-                                                       }
-                                               } else if (Z_TYPE_PP(h_cl) == IS_LONG) {
-                                                       parser->body_length = Z_LVAL_PP(h_cl);
-                                                       php_http_message_parser_state_push(parser, 1, !parser->body_length?PHP_HTTP_MESSAGE_PARSER_STATE_BODY_DONE:PHP_HTTP_MESSAGE_PARSER_STATE_BODY_LENGTH);
-                                                       break;
-                                               }
-                                       }
-
                                        if (h_cr) {
                                                ulong total = 0, start = 0, end = 0;
 
                                                if (!strncasecmp(Z_STRVAL_PP(h_cr), "bytes", lenof("bytes"))
-                                               && (    Z_STRVAL_P(h)[lenof("bytes")] == ':'
-                                                       ||      Z_STRVAL_P(h)[lenof("bytes")] == ' '
-                                                       ||      Z_STRVAL_P(h)[lenof("bytes")] == '='
+                                               && (    Z_STRVAL_PP(h_cr)[lenof("bytes")] == ':'
+                                                       ||      Z_STRVAL_PP(h_cr)[lenof("bytes")] == ' '
+                                                       ||      Z_STRVAL_PP(h_cr)[lenof("bytes")] == '='
                                                        )
                                                ) {
                                                        char *total_at = NULL, *end_at = NULL;
@@ -356,7 +339,7 @@ php_http_message_parser_state_t php_http_message_parser_parse(php_http_message_p
                                                                        total = strtoul(total_at + 1, NULL, 10);
                                                                }
 
-                                                               if (end >= start && (!total || end < total)) {
+                                                               if (end >= start && (!total || end <= total)) {
                                                                        parser->body_length = end + 1 - start;
                                                                        php_http_message_parser_state_push(parser, 1, !parser->body_length?PHP_HTTP_MESSAGE_PARSER_STATE_BODY_DONE:PHP_HTTP_MESSAGE_PARSER_STATE_BODY_LENGTH);
                                                                        break;
@@ -365,6 +348,22 @@ php_http_message_parser_state_t php_http_message_parser_parse(php_http_message_p
                                                }
                                        }
 
+                                       if (h_cl) {
+                                               char *stop;
+
+                                               if (Z_TYPE_PP(h_cl) == IS_STRING) {
+                                                       parser->body_length = strtoul(Z_STRVAL_PP(h_cl), &stop, 10);
+
+                                                       if (stop != Z_STRVAL_PP(h_cl)) {
+                                                               php_http_message_parser_state_push(parser, 1, !parser->body_length?PHP_HTTP_MESSAGE_PARSER_STATE_BODY_DONE:PHP_HTTP_MESSAGE_PARSER_STATE_BODY_LENGTH);
+                                                               break;
+                                                       }
+                                               } else if (Z_TYPE_PP(h_cl) == IS_LONG) {
+                                                       parser->body_length = Z_LVAL_PP(h_cl);
+                                                       php_http_message_parser_state_push(parser, 1, !parser->body_length?PHP_HTTP_MESSAGE_PARSER_STATE_BODY_DONE:PHP_HTTP_MESSAGE_PARSER_STATE_BODY_LENGTH);
+                                                       break;
+                                               }
+                                       }
 
                                        if ((*message)->type == PHP_HTTP_REQUEST) {
                                                php_http_message_parser_state_push(parser, 1, PHP_HTTP_MESSAGE_PARSER_STATE_DONE);