X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=jcc.c;h=4095e3c01e4892a3456e2c1f3e97f0a65ce3a31d;hp=ca283d3fcaae903e5e22dbf376f1328955e6b33e;hb=cbc140bf7027d1026bdd983aa9267c5f223822bd;hpb=6fa9aefbe715c2a9f2a526fa0f335e251ce7093c

diff --git a/jcc.c b/jcc.c
index ca283d3f..4095e3c0 100644
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.228 2009/03/06 20:30:13 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.231 2009/03/08 14:19:23 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
@@ -33,6 +33,19 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.228 2009/03/06 20:30:13 fabiankeil Exp $"
  *
  * Revisions   :
  *    $Log: jcc.c,v $
+ *    Revision 1.231  2009/03/08 14:19:23  fabiankeil
+ *    Fix justified (but harmless) compiler warnings
+ *    on platforms where sizeof(int) < sizeof(long).
+ *
+ *    Revision 1.230  2009/03/07 13:09:17  fabiankeil
+ *    Change csp->expected_content and_csp->expected_content_length from
+ *    size_t to unsigned long long to reduce the likelihood of integer
+ *    overflows that would let us close the connection prematurely.
+ *    Bug found while investigating #2669131, reported by cyberpatrol.
+ *
+ *    Revision 1.229  2009/03/07 11:17:01  fabiankeil
+ *    Fix compiler warning.
+ *
  *    Revision 1.228  2009/03/06 20:30:13  fabiankeil
  *    Log unsigned values as such.
  *
@@ -2161,7 +2174,8 @@ static jb_err change_request_destination(struct client_state *csp)
  *                FALSE otherwise.
  *
  *********************************************************************/
-static int server_response_is_complete(struct client_state *csp, size_t content_length)
+static int server_response_is_complete(struct client_state *csp,
+   unsigned long long content_length)
 {
    int content_length_known = !!(csp->flags & CSP_FLAG_CONTENT_LENGTH_SET);
 
@@ -2571,7 +2585,7 @@ static void chat(struct client_state *csp)
    jb_socket maxfd;
    int server_body;
    int ms_iis5_hack = 0;
-   size_t byte_count = 0;
+   unsigned long long byte_count = 0;
    int forwarded_connect_retries = 0;
    int max_forwarded_connect_retries = csp->config->forwarded_connect_retries;
    const struct forward_spec *fwd;
@@ -2586,8 +2600,6 @@ static void chat(struct client_state *csp)
    struct timeval timeout;
 
    memset(buf, 0, sizeof(buf));
-   memset(&timeout, 0, sizeof(timeout));
-   timeout.tv_sec = csp->config->socket_timeout;
 
    http = csp->http;
 
@@ -2810,15 +2822,15 @@ static void chat(struct client_state *csp)
          log_error(LOG_LEVEL_CONNECT,
             "Looks like we read the last chunk together with "
             "the server headers. We better stop reading.");
-         byte_count = (size_t)(csp->iob->eod - csp->iob->cur);
+         byte_count = (unsigned long long)(csp->iob->eod - csp->iob->cur);
          csp->expected_content_length = byte_count;
          csp->flags |= CSP_FLAG_CONTENT_LENGTH_SET;
       }
       if (server_body && server_response_is_complete(csp, byte_count))
       {
          log_error(LOG_LEVEL_CONNECT,
-            "Done reading from server. Expected content length: %u. "
-            "Actual content length: %u. Most recently received: %d.",
+            "Done reading from server. Expected content length: %llu. "
+            "Actual content length: %llu. Most recently received: %d.",
             csp->expected_content_length, byte_count, len);
          len = 0;
          /*
@@ -2829,6 +2841,8 @@ static void chat(struct client_state *csp)
       }
 #endif  /* FEATURE_CONNECTION_KEEP_ALIVE */
 
+      timeout.tv_sec = csp->config->socket_timeout;
+      timeout.tv_usec = 0;
       n = select((int)maxfd+1, &rfds, NULL, NULL, &timeout);
 
       if (n == 0)
@@ -2932,7 +2946,7 @@ static void chat(struct client_state *csp)
                log_error(LOG_LEVEL_CONNECT,
                   "Looks like we reached the end of the last chunk. "
                   "We better stop reading.");
-               csp->expected_content_length = byte_count + (size_t)len;
+               csp->expected_content_length = byte_count + (unsigned long long)len;
                csp->flags |= CSP_FLAG_CONTENT_LENGTH_SET;
             }
          }
@@ -3001,7 +3015,8 @@ static void chat(struct client_state *csp)
                   }
 
                   if (write_socket(csp->cfd, hdr, strlen(hdr))
-                   || write_socket(csp->cfd, p != NULL ? p : csp->iob->cur, csp->content_length))
+                   || write_socket(csp->cfd,
+                         ((p != NULL) ? p : csp->iob->cur), (size_t)csp->content_length))
                   {
                      log_error(LOG_LEVEL_ERROR, "write modified content to client failed: %E");
                      freez(hdr);
@@ -3085,7 +3100,7 @@ static void chat(struct client_state *csp)
                    * we just flushed. len will be added a few lines below,
                    * hdrlen doesn't matter for LOG_LEVEL_CLF.
                    */
-                  byte_count = (size_t)flushed;
+                  byte_count = (unsigned long long)flushed;
                   freez(hdr);
                   content_filter = NULL;
                   server_body = 1;
@@ -3100,7 +3115,7 @@ static void chat(struct client_state *csp)
                   return;
                }
             }
-            byte_count += (size_t)len;
+            byte_count += (unsigned long long)len;
             continue;
          }
          else
@@ -3142,11 +3157,11 @@ static void chat(struct client_state *csp)
                    * Since we have to wait for more from the server before
                    * we can parse the headers we just continue here.
                    */
-                  int header_offset = csp->iob->cur - header_start;
+                  long header_offset = csp->iob->cur - header_start;
                   assert(csp->iob->cur >= header_start);
-                  byte_count += (size_t)(len - header_offset);
+                  byte_count += (unsigned long long)(len - header_offset);
                   log_error(LOG_LEVEL_CONNECT, "Continuing buffering headers. "
-                     "byte_count: %u. header_offset: %d. len: %d.",
+                     "byte_count: %llu. header_offset: %d. len: %d.",
                      byte_count, header_offset, len);
                   continue;
                }
@@ -3246,7 +3261,7 @@ static void chat(struct client_state *csp)
                   return;
                }
 
-               byte_count += (size_t)len;
+               byte_count += (unsigned long long)len;
             }
             else
             {
@@ -3254,9 +3269,9 @@ static void chat(struct client_state *csp)
                 * XXX: the header lenght should probably
                 * be calculated by get_server_headers().
                 */
-               int header_length = csp->iob->cur - header_start;
+               long header_length = csp->iob->cur - header_start;
                assert(csp->iob->cur > header_start);
-               byte_count += (size_t)(len - header_length);
+               byte_count += (unsigned long long)(len - header_length);
             }
 
             /* we're finished with the server's header */
@@ -3296,13 +3311,13 @@ static void chat(struct client_state *csp)
       && (csp->expected_content_length != byte_count))
    {
       log_error(LOG_LEVEL_CONNECT,
-         "Received %u bytes while expecting %u.",
+         "Received %llu bytes while expecting %llu.",
          byte_count, csp->expected_content_length);
       mark_server_socket_tainted(csp);
    }
 #endif
 
-   log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 %u",
+   log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 %llu",
       csp->ip_addr_str, http->ocmd, csp->content_length);
 }