X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=cgi.c;h=9e1e8e41c0ce6966930361d690722126151f0200;hb=6656475c4f06a0a237265f97f09b0e9700b12ae0;hp=556aa4368e05ffb35b6eb65055351f58010854c8;hpb=3b9357f0f104bae9c6b8d317c31853bd3284fa55;p=privoxy.git diff --git a/cgi.c b/cgi.c index 556aa436..9e1e8e41 100644 --- a/cgi.c +++ b/cgi.c @@ -1,4 +1,4 @@ -const char cgi_rcs[] = "$Id: cgi.c,v 1.151 2012/06/08 15:07:53 fabiankeil Exp $"; +const char cgi_rcs[] = "$Id: cgi.c,v 1.155 2012/09/18 18:29:55 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgi.c,v $ @@ -346,6 +346,21 @@ struct http_response *dispatch_cgi(struct client_state *csp) return NULL; } + if (strcmpic(csp->http->gpc, "GET") + && strcmpic(csp->http->gpc, "HEAD")) + { + log_error(LOG_LEVEL_ERROR, + "CGI request with unsupported method received: %s", csp->http->gpc); + /* + * The CGI pages currently only support GET and HEAD requests. + * + * If the client used a different method, ditch any data following + * the current headers to reduce the likelihood of parse errors + * with the following request. + */ + csp->client_iob->eod = csp->client_iob->cur; + } + /* * This is a CGI call. */ @@ -614,12 +629,7 @@ static struct map *parse_cgi_parameters(char *argstring) */ max_segments = 1; } - vector = malloc(max_segments * sizeof(char *)); - - if (NULL == vector) - { - return NULL; - } + vector = malloc_or_die(max_segments * sizeof(char *)); if (NULL == (cgi_params = new_map())) { @@ -637,7 +647,7 @@ static struct map *parse_cgi_parameters(char *argstring) *p = '\0'; } - pairs = ssplit(argstring, "&", vector, max_segments, 1, 1); + pairs = ssplit(argstring, "&", vector, max_segments); assert(pairs != -1); if (pairs == -1) { @@ -1186,11 +1196,7 @@ jb_err cgi_error_no_template(const struct client_state *csp, rsp->head_length = 0; rsp->is_static = 0; - rsp->body = malloc(body_size); - if (rsp->body == NULL) - { - return JB_ERR_MEMORY; - } + rsp->body = malloc_or_die(body_size); strlcpy(rsp->body, body_prefix, body_size); strlcat(rsp->body, template_name, body_size); strlcat(rsp->body, body_suffix, body_size); @@ -1266,11 +1272,7 @@ jb_err cgi_error_unknown(const struct client_state *csp, rsp->is_static = 0; rsp->crunch_reason = INTERNAL_ERROR; - rsp->body = malloc(body_size); - if (rsp->body == NULL) - { - return JB_ERR_MEMORY; - } + rsp->body = malloc_or_die(body_size); snprintf(rsp->body, body_size, "%s%d%s", body_prefix, error_to_report, body_suffix); @@ -1528,12 +1530,7 @@ char *compress_buffer(char *buffer, size_t *buffer_length, int compression_level /* Let zlib figure out the maximum length of the compressed data */ new_length = compressBound((uLongf)*buffer_length); - compressed_buffer = malloc(new_length); - if (NULL == compressed_buffer) - { - log_error(LOG_LEVEL_FATAL, - "Out of memory allocation compression buffer."); - } + compressed_buffer = malloc_or_die(new_length); if (Z_OK != compress2((Bytef *)compressed_buffer, &new_length, (Bytef *)buffer, *buffer_length, compression_level)) @@ -1732,7 +1729,8 @@ struct http_response *finish_http_response(const struct client_state *csp, struc if (!err) err = enlist_unique_header(rsp->headers, "Pragma", "no-cache"); } - if (!err && !(csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE)) + if (!err && (!(csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE) + || (csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED))) { err = enlist_unique_header(rsp->headers, "Connection", "close"); }