W3C home > Mailing lists > Public > www-lib@w3.org > January to March 2001

one more bug in HTTChunk.c

From: Jens Meggers <jens.meggers@firepad.com>
Date: Sun, 25 Mar 2001 13:55:37 -0800
Message-ID: <DDF913B74F07D411B22500B0D0206D9F185474@FIREPLUG>
To: "'www-lib@w3.org'" <www-lib@w3.org>
Hi,

sorry for bombing you with bug reports, but there is an additional bug in
HTTChunk.c. In the procedure HTChunkDecode_header(), there is a user
breakpoint for the case the chunk length is not present in a line where it
is expected. I understand that a bug in a web server may cause such problem.
In order to graceful recover from such a request, the function should return
an error code in 

		if (errstr == line) {
		    HTDEBUGBREAK("Chunk decoder received illigal chunk size:
`%s\'\n" _ line);
			return NO;
		}

The original version just continues, and returns a zero, causing the chunk
decoder to screw up. I just added the "return NO" code.

Regards,


Jens




/*
**	Chunked Decoder stream
*/
PRIVATE BOOL HTChunkDecode_header (HTStream * me) 
{
    char * line = HTChunk_data(me->buf);
    if (line) {

		char *errstr = NULL;
		me->left = strtol(line, &errstr, 16);    /* hex! */
		HTTRACE(STREAM_TRACE, "Chunked..... `%s\' chunk size: %X\n"
_ line _ me->left);

		if (errstr == line) {
		    HTDEBUGBREAK("Chunk decoder received illigal chunk size:
`%s\'\n" _ line);
			return NO;
		}

		if (me->left > 0) {
		    me->total += me->left;

		    /* Look for arguments */
	
		    HTChunk_clear(me->buf);

		} else if (me->left == 0)	       		      /*
Last chunk */

		    me->lastchunk = YES;

		else if (me->left < 0)

		    return NO;

		return YES;
    }

    return NO;
}
Received on Sunday, 25 March 2001 17:05:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 23 April 2007 18:18:39 GMT