summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/IO/IO.c1
-rw-r--r--src/IO/Url.h4
-rw-r--r--src/IO/http.c29
-rw-r--r--src/cache.c2
-rw-r--r--src/capi.c17
-rw-r--r--src/html.cc5
-rw-r--r--src/url.c23
-rw-r--r--src/url.h18
8 files changed, 52 insertions, 47 deletions
diff --git a/src/IO/IO.c b/src/IO/IO.c
index e833f970..2e09c1b0 100644
--- a/src/IO/IO.c
+++ b/src/IO/IO.c
@@ -354,6 +354,7 @@ void a_IO_ccc(int Op, int Branch, int Dir, ChainLink *Info,
case OpAbort:
io = Info->LocalKey;
if (io->Buf->len > 0) {
+ /* MSG can be truncated by embedded NULLs */
MSG_WARN("IO_write, closing with pending data not sent\n");
MSG_WARN(" \"%s\"\n", io->Buf->str);
}
diff --git a/src/IO/Url.h b/src/IO/Url.h
index 91a9c1bd..6d1995d0 100644
--- a/src/IO/Url.h
+++ b/src/IO/Url.h
@@ -3,7 +3,7 @@
#include "../chain.h"
#include "../url.h"
-
+#include "../../dlib/dlib.h"
#ifdef __cplusplus
extern "C" {
@@ -16,7 +16,7 @@ extern void a_Http_freeall(void);
int a_Http_init(void);
int a_Http_proxy_auth(void);
void a_Http_set_proxy_passwd(char *str);
-char *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy);
+Dstr *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy);
void a_Http_ccc (int Op, int Branch, int Dir, ChainLink *Info,
void *Data1, void *Data2);
diff --git a/src/IO/http.c b/src/IO/http.c
index 61c153eb..68fde338 100644
--- a/src/IO/http.c
+++ b/src/IO/http.c
@@ -180,9 +180,9 @@ Dstr *Http_make_content_type(const DilloUrl *url)
if (URL_FLAGS(url) & URL_MultipartEnc) {
MSG("submitting multipart/form-data!\n");
dstr = dStr_new("multipart/form-data; boundary=\"");
- if (strlen(URL_DATA(url)) > 2) {
+ if (URL_DATA(url)->len > 2) {
/* boundary lines have "--" prepended. Skip that. */
- const char *start = URL_DATA(url) + 2;
+ const char *start = URL_DATA(url)->str + 2;
char *eol = strchr(start, '\r');
if (eol)
dStr_append_l(dstr, start, eol - start);
@@ -200,9 +200,9 @@ Dstr *Http_make_content_type(const DilloUrl *url)
/*
* Make the http query string
*/
-char *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy)
+Dstr *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy)
{
- char *str, *ptr, *cookies, *referer;
+ char *ptr, *cookies, *referer;
Dstr *s_port = dStr_new(""),
*query = dStr_new(""),
*full_path = dStr_new(""),
@@ -246,12 +246,12 @@ char *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy)
"Content-Length: %ld\r\n"
"Content-Type: %s\r\n"
"%s"
- "\r\n"
- "%s",
+ "\r\n",
full_path->str, URL_HOST(url), s_port->str,
proxy_auth->str, referer, VERSION,
- (long)strlen(URL_DATA(url)), content_type->str,
- cookies, URL_DATA(url));
+ URL_DATA(url)->len, content_type->str,
+ cookies);
+ dStr_append_l(query, URL_DATA(url)->str, URL_DATA(url)->len);
dStr_free(content_type, TRUE);
} else {
dStr_sprintfa(
@@ -276,13 +276,12 @@ char *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy)
dFree(referer);
dFree(cookies);
- str = query->str;
- dStr_free(query, FALSE);
dStr_free(s_port, TRUE);
dStr_free(full_path, TRUE);
dStr_free(proxy_auth, TRUE);
- DEBUG_MSG(4, "Query:\n%s", str);
- return str;
+ /* debug msg will fail on embedded NULLs */
+ DEBUG_MSG(4, "Query:\n%s", query->str);
+ return query;
}
/*
@@ -290,12 +289,12 @@ char *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy)
*/
static void Http_send_query(ChainLink *Info, SocketData_t *S)
{
- char *query;
+ Dstr *query;
DataBuf *dbuf;
/* Create the query */
query = a_Http_make_query_str(S->Url, S->use_proxy);
- dbuf = a_Chain_dbuf_new(query, (int)strlen(query), 0);
+ dbuf = a_Chain_dbuf_new(query->str, query->len, 0);
/* actually this message is sent too early.
* It should go when the socket is ready for writing (i.e. connected) */
@@ -306,7 +305,7 @@ static void Http_send_query(ChainLink *Info, SocketData_t *S)
a_Chain_bcb(OpStart, Info, &S->SockFD, NULL);
a_Chain_bcb(OpSend, Info, dbuf, NULL);
dFree(dbuf);
- dFree(query);
+ dStr_free(query, 1);
/* Tell the cache to start the receiving CCC for the answer */
a_Chain_fcb(OpSend, Info, &S->SockFD, "SockFD");
diff --git a/src/cache.c b/src/cache.c
index 185c7846..933ad93e 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -576,7 +576,7 @@ static void Cache_parse_header(CacheEntry_t *entry)
* with huge files (e.g. iso files).
* Note: the buffer grows automatically. */
dStr_free(entry->Data, 1);
- entry->Data = dStr_sized_new(MIN(entry->ExpectedSize+1, MAX_INIT_BUF));
+ entry->Data = dStr_sized_new(MIN(entry->ExpectedSize, MAX_INIT_BUF));
}
/* Get Content-Type */
diff --git a/src/capi.c b/src/capi.c
index 40e35b57..77e80cf4 100644
--- a/src/capi.c
+++ b/src/capi.c
@@ -212,7 +212,7 @@ static int Capi_dpi_verify_request(DilloWeb *web)
/* test POST and GET */
if (dStrcasecmp(URL_SCHEME(web->url), "dpi") == 0 &&
- (strchr(URL_STR(web->url), '?') || URL_DATA_(web->url))) {
+ URL_FLAGS(web->url) & (URL_Post + URL_Get)) {
/* only allow dpi requests from dpi-generated urls */
if (a_Nav_stack_size(web->bw)) {
referer = a_History_get_url(NAV_TOP_UIDX(web->bw));
@@ -227,8 +227,10 @@ static int Capi_dpi_verify_request(DilloWeb *web)
if (!allow) {
MSG("Capi_dpi_verify_request: Permission Denied!\n");
MSG(" URL_STR : %s\n", URL_STR(web->url));
- if (URL_DATA_(web->url))
- MSG(" URL_DATA: %s\n", URL_DATA(web->url));
+ if (URL_FLAGS(web->url) & URL_Post) {
+ /* MSG will fail on embedded NULLs */
+ MSG(" URL_DATA: %s\n", URL_DATA(web->url)->str);
+ }
}
return allow;
}
@@ -271,14 +273,15 @@ static int Capi_url_uses_dpi(DilloUrl *url, char **server_ptr)
*/
static char *Capi_dpi_build_cmd(DilloWeb *web, char *server)
{
- char *cmd, *http_query;
+ char *cmd;
if (strcmp(server, "proto.https") == 0) {
/* Let's be kind and make the HTTP query string for the dpi */
- http_query = a_Http_make_query_str(web->url, FALSE);
+ Dstr *http_query = a_Http_make_query_str(web->url, FALSE);
+ /* BUG: embedded NULLs in query data will truncate message */
cmd = a_Dpip_build_cmd("cmd=%s url=%s query=%s",
- "open_url", URL_STR(web->url), http_query);
- dFree(http_query);
+ "open_url", URL_STR(web->url), http_query->str);
+ dStr_free(http_query, 1);
} else if (strcmp(server, "downloads") == 0) {
/* let the downloads server get it */
diff --git a/src/html.cc b/src/html.cc
index f635e1fd..7b604c1a 100644
--- a/src/html.cc
+++ b/src/html.cc
@@ -4150,7 +4150,8 @@ static void Html_submit_form2(DilloHtml *html, DilloHtmlForm *form,
if (form->method == DILLO_HTML_METHOD_POST) {
new_url = a_Url_new(action_str, NULL, 0, 0, 0);
- a_Url_set_data(new_url, DataStr->str);
+ /* new_url keeps the dStr and sets DataStr to NULL */
+ a_Url_set_data(new_url, &DataStr);
a_Url_set_flags(new_url, URL_FLAGS(new_url) | URL_Post);
if (form->enc == DILLO_HTML_ENC_MULTIPART) {
a_Url_set_flags(new_url, URL_FLAGS(new_url) | URL_MultipartEnc);
@@ -4171,7 +4172,7 @@ static void Html_submit_form2(DilloHtml *html, DilloHtmlForm *form,
a_Nav_push(html->bw, new_url);
dFree(action_str);
dStr_free(boundary, 1);
- dStr_free(DataStr, TRUE);
+ dStr_free(DataStr, 1);
if (encoder != (iconv_t) -1)
(void)iconv_close(encoder);
a_Url_free(new_url);
diff --git a/src/url.c b/src/url.c
index 2a81e74b..74a7e445 100644
--- a/src/url.c
+++ b/src/url.c
@@ -55,6 +55,11 @@
static const char *HEX = "0123456789ABCDEF";
+/* URL-field compare methods */
+#define URL_STR_FIELD_CMP(s1,s2) \
+ (s1) && (s2) ? strcmp(s1,s2) : !(s1) && !(s2) ? 0 : (s1) ? 1 : -1
+#define URL_STR_FIELD_I_CMP(s1,s2) \
+ (s1) && (s2) ? dStrcasecmp(s1,s2) : !(s1) && !(s2) ? 0 : (s1) ? 1 : -1
/*
* Return the url as a string.
@@ -183,7 +188,7 @@ void a_Url_free(DilloUrl *url)
if (url->hostname != url->authority)
dFree((char *)url->hostname);
dFree((char *)url->buffer);
- dFree((char *)url->data);
+ dStr_free(url->data, 1);
dFree((char *)url->alt);
dFree(url);
}
@@ -334,7 +339,7 @@ done:
* hostname = "dillo.sf.net"
* port = 8080
* flags = 0
- * data = NULL
+ * data = Dstr * ("")
* alt = NULL
* ismap_url_len = 0
* scrolling_position = 0
@@ -392,6 +397,7 @@ DilloUrl* a_Url_new(const char *url_str, const char *base_url,
/* Fill url data */
url = Url_object_new(SolvedUrl->str);
+ url->data = dStr_new("");
url->url_string = SolvedUrl;
url->flags = flags;
url->scrolling_position_x = posx;
@@ -418,14 +424,14 @@ DilloUrl* a_Url_dup(const DilloUrl *ori)
url->url_string = dStr_new(URL_STR(ori));
url->port = ori->port;
url->flags = ori->flags;
- url->data = dStrdup(ori->data);
url->alt = dStrdup(ori->alt);
url->ismap_url_len = ori->ismap_url_len;
url->scrolling_position_x = ori->scrolling_position_x;
url->scrolling_position_y = ori->scrolling_position_y;
url->illegal_chars = ori->illegal_chars;
url->illegal_chars_spc = ori->illegal_chars_spc;
-
+ url->data = dStr_sized_new(URL_DATA(ori)->len);
+ dStr_append_l(url->data, URL_DATA(ori)->str, URL_DATA(ori)->len);
return url;
}
@@ -452,7 +458,7 @@ int a_Url_cmp(const DilloUrl *A, const DilloUrl *B)
B->path ? B->path + (*B->path == '/') : "")) == 0 &&
//(st = URL_STR_FIELD_CMP(A->path, B->path)) == 0 &&
(st = URL_STR_FIELD_CMP(A->query, B->query)) == 0 &&
- (st = URL_STR_FIELD_CMP(A->data, B->data)) == 0 &&
+ (st = dStr_cmp(A->data, B->data)) == 0 &&
(st = URL_STR_FIELD_I_CMP(A->scheme, B->scheme) == 0)))
return 0;
return st;
@@ -470,11 +476,12 @@ void a_Url_set_flags(DilloUrl *u, int flags)
/*
* Set DilloUrl data (like POST info, etc.)
*/
-void a_Url_set_data(DilloUrl *u, char *data)
+void a_Url_set_data(DilloUrl *u, Dstr **data)
{
if (u) {
- dFree((char *)u->data);
- u->data = dStrdup(data);
+ dStr_free(u->data, 1);
+ u->data = *data;
+ *data = NULL;
}
}
diff --git a/src/url.h b/src/url.h
index 344ea15f..bb77fef1 100644
--- a/src/url.h
+++ b/src/url.h
@@ -55,9 +55,10 @@
#define URL_QUERY_(u) u->query
#define URL_FRAGMENT_(u) u->fragment
#define URL_HOST_(u) a_Url_hostname(u)
-#define URL_DATA_(u) u->data
#define URL_ALT_(u) u->alt
#define URL_STR_(u) a_Url_str(u)
+/* this returns a Dstr* */
+#define URL_DATA_(u) u->data
/* these return an integer */
#define URL_PORT_(u) (URL_HOST(u) ? u->port : u->port)
#define URL_FLAGS_(u) u->flags
@@ -67,7 +68,7 @@
#define URL_ILLEGAL_CHARS_SPC_(u) url->illegal_chars_spc
/*
- * Access methods that always return a string:
+ * Access methods that never return NULL.
* When the "empty" and "undefined" concepts of RFC-2396 are irrelevant to
* the caller, and a string is required, use these methods instead:
*/
@@ -78,7 +79,7 @@
#define URL_QUERY(u) NPTR2STR(URL_QUERY_(u))
#define URL_FRAGMENT(u) NPTR2STR(URL_FRAGMENT_(u))
#define URL_HOST(u) NPTR2STR(URL_HOST_(u))
-#define URL_DATA(u) NPTR2STR(URL_DATA_(u))
+#define URL_DATA(u) URL_DATA_(u)
#define URL_ALT(u) NPTR2STR(URL_ALT_(u))
#define URL_STR(u) NPTR2STR(URL_STR_(u))
#define URL_PORT(u) URL_PORT_(u)
@@ -89,13 +90,6 @@
#define URL_ILLEGAL_CHARS_SPC(u) URL_ILLEGAL_CHARS_SPC_(u)
-/* URL-field compare methods */
-#define URL_STR_FIELD_CMP(s1,s2) \
- (s1) && (s2) ? strcmp(s1,s2) : !(s1) && !(s2) ? 0 : (s1) ? 1 : -1
-#define URL_STR_FIELD_I_CMP(s1,s2) \
- (s1) && (s2) ? dStrcasecmp(s1,s2) : !(s1) && !(s2) ? 0 : (s1) ? 1 : -1
-
-
typedef struct _DilloUrl DilloUrl;
#ifdef __cplusplus
@@ -113,7 +107,7 @@ struct _DilloUrl {
const char *hostname; //
int port;
int flags;
- const char *data; /* POST */
+ Dstr *data; /* POST */
const char *alt; /* "alt" text (used by image maps) */
int ismap_url_len; /* Used by server side image maps */
int32_t scrolling_position_x, /* remember position of visited urls */
@@ -131,7 +125,7 @@ const char *a_Url_hostname(const DilloUrl *u);
DilloUrl* a_Url_dup(const DilloUrl *u);
int a_Url_cmp(const DilloUrl *A, const DilloUrl *B);
void a_Url_set_flags(DilloUrl *u, int flags);
-void a_Url_set_data(DilloUrl *u, char *data);
+void a_Url_set_data(DilloUrl *u, Dstr **data);
void a_Url_set_alt(DilloUrl *u, const char *alt);
void a_Url_set_pos(DilloUrl *u, int32_t posx, int32_t posy);
void a_Url_set_ismap_coords(DilloUrl *u, char *coord_str);