* XXX: this code is untested and should probably be removed.
*/
int skip_bytes;
+
+ if (cur + 2 >= csp->iob->eod)
+ {
+ log_error(LOG_LEVEL_ERROR,
+ "gzip extra field flag set but insufficient data available.");
+ return JB_ERR_COMPRESS;
+ }
+
skip_bytes = *cur++;
skip_bytes += (unsigned char)*cur++ << 8;
if (flags & GZIP_FLAG_FILE_NAME)
{
/* A null-terminated string is supposed to follow. */
- while (*cur++ && (cur < csp->iob->eod));
+ while ((cur < csp->iob->eod) && *cur++);
}
/* Skip the comment if necessary. */
if (flags & GZIP_FLAG_COMMENT)
{
/* A null-terminated string is supposed to follow. */
- while (*cur++ && (cur < csp->iob->eod));
+ while ((cur < csp->iob->eod) && *cur++);
}
/* Skip the CRC if necessary. */
v++;
}
+ if (filter_server_headers &&
+ (csp->flags & CSP_FLAG_SERVER_CONTENT_LENGTH_SET) &&
+ (csp->flags & CSP_FLAG_CHUNKED))
+ {
+ /* RFC 2616 4.4 3 */
+ log_error(LOG_LEVEL_HEADER, "Ignoring the Content-Length header "
+ "sent by the server as the response is chunk-encoded.");
+ csp->flags &= ~CSP_FLAG_CONTENT_LENGTH_SET;
+ csp->expected_content_length = 0;
+ }
+
/* place additional headers on the csp->headers list */
while ((err == JB_ERR_OK) && (*f))
{