-const char parsers_rcs[] = "$Id: parsers.c,v 1.147 2008/11/04 17:20:31 fabiankeil Exp $";
+const char parsers_rcs[] = "$Id: parsers.c,v 1.153 2009/03/07 13:09:17 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/parsers.c,v $
* `client_if_none_match', `get_destination_from_headers',
* `parse_header_time', `decompress_iob' and `server_set_cookie'.
*
- * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001-2009 the
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: parsers.c,v $
+ * Revision 1.153 2009/03/07 13:09:17 fabiankeil
+ * Change csp->expected_content and_csp->expected_content_length from
+ * size_t to unsigned long long to reduce the likelihood of integer
+ * overflows that would let us close the connection prematurely.
+ * Bug found while investigating #2669131, reported by cyberpatrol.
+ *
+ * Revision 1.152 2009/03/01 18:43:48 fabiankeil
+ * Help clang understand that we aren't dereferencing
+ * NULL pointers here.
+ *
+ * Revision 1.151 2009/02/15 14:46:35 fabiankeil
+ * Don't let hide-referrer{conditional-*}} pass
+ * Referer headers without http URLs.
+ *
+ * Revision 1.150 2008/12/04 18:12:19 fabiankeil
+ * Fix some cparser warnings.
+ *
+ * Revision 1.149 2008/11/21 18:39:53 fabiankeil
+ * In case of CONNECT requests there's no point
+ * in trying to keep the connection alive.
+ *
+ * Revision 1.148 2008/11/16 12:43:49 fabiankeil
+ * Turn keep-alive support into a runtime feature
+ * that is disabled by setting keep-alive-timeout
+ * to a negative value.
+ *
* Revision 1.147 2008/11/04 17:20:31 fabiankeil
* HTTP/1.1 responses without Connection
* header imply keep-alive. Act accordingly.
* file, the results are not portable.
*
*********************************************************************/
-int flush_socket(jb_socket fd, struct iob *iob)
+long flush_socket(jb_socket fd, struct iob *iob)
{
- int len = iob->eod - iob->cur;
+ long len = iob->eod - iob->cur;
if (len <= 0)
{
* or buffer limit reached.
*
*********************************************************************/
-jb_err add_to_iob(struct client_state *csp, char *buf, int n)
+jb_err add_to_iob(struct client_state *csp, char *buf, long n)
{
struct iob *iob = csp->iob;
size_t used, offset, need, want;
cur = csp->iob->cur;
- if (bufsize < 10)
+ if (bufsize < (size_t)10)
{
/*
* This is to protect the parsing of gzipped data,
*/
assert(zstr.avail_out == tmpbuf + bufsize - (char *)zstr.next_out);
assert((char *)zstr.next_out == tmpbuf + ((char *)oldnext_out - buf));
- assert(zstr.avail_out > 0);
+ assert(zstr.avail_out > 0U);
buf = tmpbuf;
}
&& (csp->iob->eod <= csp->iob->buf + csp->iob->size))
{
const size_t new_size = (size_t)(csp->iob->eod - csp->iob->cur);
- if (new_size > 0)
+ if (new_size > (size_t)0)
{
log_error(LOG_LEVEL_RE_FILTER,
"Decompression successful. Old size: %d, new size: %d.",
/* FIXME No way to handle error properly */
log_error(LOG_LEVEL_FATAL, "Out of memory in get_header_line()");
}
+ assert(ret != NULL);
iob->cur = p+1;
if (0 > hits)
{
/* Regex failure, log it but continue anyway. */
+ assert(NULL != header);
log_error(LOG_LEVEL_ERROR,
"Problems with tagger \'%s\' and header \'%s\': %s",
b->name, *header, pcrs_strerror(hits));
*********************************************************************/
static jb_err crumble(struct client_state *csp, char **header)
{
+ (void)csp;
log_error(LOG_LEVEL_HEADER, "crumble crunched: %s!", *header);
freez(*header);
return JB_ERR_OK;
*********************************************************************/
static jb_err server_save_content_length(struct client_state *csp, char **header)
{
- unsigned int content_length = 0;
+ unsigned long long content_length = 0;
assert(*(*header+14) == ':');
- if (1 != sscanf(*header+14, ": %u", &content_length))
+ if (1 != sscanf(*header+14, ": %llu", &content_length))
{
log_error(LOG_LEVEL_ERROR, "Crunching invalid header: %s", *header);
freez(*header);
(0 == strcmpic(csp->http->gpc, "options")))
{
assert(*(*header+12) == ':');
- if (1 == sscanf(*header+12, ": %u", &max_forwards))
+ if (1 == sscanf(*header+12, ": %d", &max_forwards))
{
if (max_forwards > 0)
{
- snprintf(*header, strlen(*header)+1, "Max-Forwards: %u", --max_forwards);
- log_error(LOG_LEVEL_HEADER, "Max-Forwards value for %s request reduced to %u.",
+ snprintf(*header, strlen(*header)+1, "Max-Forwards: %d", --max_forwards);
+ log_error(LOG_LEVEL_HEADER,
+ "Max-Forwards value for %s request reduced to %d.",
csp->http->gpc, max_forwards);
}
else if (max_forwards < 0)
{
char *referer = strdup(*header);
const size_t hostlenght = strlen(host);
+ const char *referer_url = NULL;
if (NULL == referer)
{
}
/* referer begins with 'Referer: http[s]://' */
- if (hostlenght < (strlen(referer)-17))
+ if ((hostlenght+17) < strlen(referer))
{
/*
* Shorten referer to make sure the referer is blocked
*/
referer[hostlenght+17] = '\0';
}
- if (NULL == strstr(referer, host))
+ referer_url = strstr(referer, "http://");
+ if ((NULL == referer_url) || (NULL == strstr(referer_url, host)))
{
- /* Host has changed */
+ /* Host has changed, Referer is invalid or a https URL. */
if (parameter_conditional_block)
{
log_error(LOG_LEVEL_HEADER, "New host is: %s. Crunching %s!", host, *header);
static const char connection_keep_alive[] = "Connection: keep-alive";
static const char connection_close[] = "Connection: close";
- if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE))
+ if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
+ && (csp->http->ssl == 0))
{
return connection_keep_alive;
}