Mercurial > hg > orthanc
comparison OrthancFramework/Resources/Patches/mongoose-3.8-patch.diff @ 4044:d25f4c0fa160 framework
splitting code into OrthancFramework and OrthancServer
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Wed, 10 Jun 2020 20:30:34 +0200 |
parents | Resources/Patches/mongoose-3.8-patch.diff@72e809e57ba4 |
children |
comparison
equal
deleted
inserted
replaced
4043:6c6239aec462 | 4044:d25f4c0fa160 |
---|---|
1 --- mongoose.c.orig 2019-07-31 14:06:36.043726677 +0200 | |
2 +++ mongoose.c 2019-07-31 14:10:06.767727652 +0200 | |
3 @@ -50,6 +50,14 @@ | |
4 #define PATH_MAX FILENAME_MAX | |
5 #endif // __SYMBIAN32__ | |
6 | |
7 +#if __gnu_hurd__ == 1 | |
8 +/** | |
9 + * There is no limit on the length on a path under GNU Hurd, so we set | |
10 + * it to an arbitrary constant. | |
11 + **/ | |
12 +#define PATH_MAX 4096 | |
13 +#endif | |
14 + | |
15 #ifndef _WIN32_WCE // Some ANSI #includes are not available on Windows CE | |
16 #include <sys/types.h> | |
17 #include <sys/stat.h> | |
18 @@ -108,8 +116,9 @@ | |
19 #define strtoll(x, y, z) _atoi64(x) | |
20 #else | |
21 #define __func__ __FUNCTION__ | |
22 -#define strtoull(x, y, z) _strtoui64(x, y, z) | |
23 -#define strtoll(x, y, z) _strtoi64(x, y, z) | |
24 +#include <stdlib.h> | |
25 +//#define strtoull(x, y, z) _strtoui64(x, y, z) | |
26 +//#define strtoll(x, y, z) _strtoi64(x, y, z) | |
27 #endif // _MSC_VER | |
28 | |
29 #define ERRNO GetLastError() | |
30 @@ -2997,19 +3006,19 @@ | |
31 } | |
32 } | |
33 | |
34 -static int is_valid_http_method(const char *method) { | |
35 - return !strcmp(method, "GET") || !strcmp(method, "POST") || | |
36 +static int is_valid_http_method(const char *method, int *isValidHttpMethod) { | |
37 + *isValidHttpMethod = !strcmp(method, "GET") || !strcmp(method, "POST") || | |
38 !strcmp(method, "HEAD") || !strcmp(method, "CONNECT") || | |
39 !strcmp(method, "PUT") || !strcmp(method, "DELETE") || | |
40 !strcmp(method, "OPTIONS") || !strcmp(method, "PROPFIND") | |
41 - || !strcmp(method, "MKCOL") | |
42 - ; | |
43 + || !strcmp(method, "MKCOL"); | |
44 + return *isValidHttpMethod; | |
45 } | |
46 | |
47 // Parse HTTP request, fill in mg_request_info structure. | |
48 // This function modifies the buffer by NUL-terminating | |
49 // HTTP request components, header names and header values. | |
50 -static int parse_http_message(char *buf, int len, struct mg_request_info *ri) { | |
51 +static int parse_http_message(char *buf, int len, struct mg_request_info *ri, int *isValidHttpMethod) { | |
52 int is_request, request_length = get_request_len(buf, len); | |
53 if (request_length > 0) { | |
54 // Reset attributes. DO NOT TOUCH is_ssl, remote_ip, remote_port | |
55 @@ -3025,7 +3034,7 @@ | |
56 ri->request_method = skip(&buf, " "); | |
57 ri->uri = skip(&buf, " "); | |
58 ri->http_version = skip(&buf, "\r\n"); | |
59 - if (((is_request = is_valid_http_method(ri->request_method)) && | |
60 + if (((is_request = is_valid_http_method(ri->request_method, isValidHttpMethod)) && | |
61 memcmp(ri->http_version, "HTTP/", 5) != 0) || | |
62 (!is_request && memcmp(ri->request_method, "HTTP/", 5)) != 0) { | |
63 request_length = -1; | |
64 @@ -4930,7 +4939,7 @@ | |
65 return uri[0] == '/' || (uri[0] == '*' && uri[1] == '\0'); | |
66 } | |
67 | |
68 -static int getreq(struct mg_connection *conn, char *ebuf, size_t ebuf_len) { | |
69 +static int getreq(struct mg_connection *conn, char *ebuf, size_t ebuf_len, int *isValidHttpMethod) { | |
70 const char *cl; | |
71 | |
72 ebuf[0] = '\0'; | |
73 @@ -4944,7 +4953,7 @@ | |
74 } else if (conn->request_len <= 0) { | |
75 snprintf(ebuf, ebuf_len, "%s", "Client closed connection"); | |
76 } else if (parse_http_message(conn->buf, conn->buf_size, | |
77 - &conn->request_info) <= 0) { | |
78 + &conn->request_info, isValidHttpMethod) <= 0) { | |
79 snprintf(ebuf, ebuf_len, "Bad request: [%.*s]", conn->data_len, conn->buf); | |
80 } else { | |
81 // Request is valid | |
82 @@ -4973,7 +4982,8 @@ | |
83 } else if (mg_vprintf(conn, fmt, ap) <= 0) { | |
84 snprintf(ebuf, ebuf_len, "%s", "Error sending request"); | |
85 } else { | |
86 - getreq(conn, ebuf, ebuf_len); | |
87 + int isValidHttpMethod = 1; /* unused in this case */ | |
88 + getreq(conn, ebuf, ebuf_len, &isValidHttpMethod); | |
89 } | |
90 if (ebuf[0] != '\0' && conn != NULL) { | |
91 mg_close_connection(conn); | |
92 @@ -4995,8 +5005,13 @@ | |
93 // to crule42. | |
94 conn->data_len = 0; | |
95 do { | |
96 - if (!getreq(conn, ebuf, sizeof(ebuf))) { | |
97 + int isValidHttpMethod = 1; | |
98 + if (!getreq(conn, ebuf, sizeof(ebuf), &isValidHttpMethod)) { | |
99 + if (isValidHttpMethod) { | |
100 send_http_error(conn, 500, "Server Error", "%s", ebuf); | |
101 + } else { | |
102 + send_http_error(conn, 400, "Bad Request", "%s", ebuf); | |
103 + } | |
104 conn->must_close = 1; | |
105 } else if (!is_valid_uri(conn->request_info.uri)) { | |
106 snprintf(ebuf, sizeof(ebuf), "Invalid URI: [%s]", ri->uri); |