Project homepage Mailing List  Warmcat.com  API Docs  Github Mirror 
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1752654218, "reponame":"libwebsockets", "desc":"libwebsockets lightweight C networking library", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://libwebsockets.org/repo/libwebsockets", "f":3, "items": [ {"schema":"libjg2-1", "cid":"9b9206a82f5a25d1ba1bdc03bebfaf06", "commit": {"type":"commit", "time": 1610352766, "time_ofs": 0, "oid_tree": { "oid": "37aded1b43c531a5a6d74f058d5e39f8e3e3c739", "alias": []}, "oid":{ "oid": "780a165a76bcaf2ea852e28658c0429f105e0548", "alias": []}, "msg": "ss: http: mime parsing with unusual section boundaries", "sig_commit": { "git_time": { "time": 1610352766, "offset": 0 }, "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" }, "sig_author": { "git_time": { "time": 1609981997, "offset": -480 }, "name": "Jed Lu", "email": "jianlu@amazon.com", "md5": "ce74f834db5eb16ad715cc95ced04f1f" }}, "body": "ss: http: mime parsing with unusual section boundaries\n" , "diff": "diff --git a/lib/secure-streams/private-lib-secure-streams.h b/lib/secure-streams/private-lib-secure-streams.h\nindex 5152065..2109909 100644\n--- a/lib/secure-streams/private-lib-secure-streams.h\n+++ b/lib/secure-streams/private-lib-secure-streams.h\n@@ -97,6 +97,7 @@ typedef struct lws_ss_handle {\n \t\t\tuint8_t boundary_post; /* swallow post CRLF */\n \n \t\t\tuint8_t som:1;\t/* SOM has been sent */\n+\t\t\tuint8_t eom:1; /* EOM has been sent */\n \t\t\tuint8_t any:1;\t/* any content has been sent */\n \n \ndiff --git a/lib/secure-streams/protocols/ss-h1.c b/lib/secure-streams/protocols/ss-h1.c\nindex d4ad656..1e39b24 100644\n--- a/lib/secure-streams/protocols/ss-h1.c\n+++ b/lib/secure-streams/protocols/ss-h1.c\n@@ -37,6 +37,7 @@ ss_http_multipart_parser(lws_ss_handle_t *h, void *in, size_t len)\n \tuint8_t *q \u003d (uint8_t *)in;\n \tint pending_issue \u003d 0, n \u003d 0;\n \n+\n \t/* let's stick it in the boundary state machine first */\n \twhile (n \u003c (int)len) {\n \t\tif (h-\u003eu.http.boundary_seq !\u003d h-\u003eu.http.boundary_len) {\n@@ -74,7 +75,7 @@ ss_http_multipart_parser(lws_ss_handle_t *h, void *in, size_t len)\n \t\t\t * remainder to send.\n \t\t\t */\n \t\t\tif (n \u003e\u003d pending_issue + h-\u003eu.http.boundary_len +\n-\t\t\t (h-\u003eu.http.any ? 2 : 0) + 1)\n+\t\t\t (h-\u003eu.http.any ? 2 : 0) + 1) {\n \t\t\t\th-\u003einfo.rx(ss_to_userobj(h),\n \t\t\t\t\t \u0026q[pending_issue],\n \t\t\t\t\t (unsigned int)(n - pending_issue -\n@@ -82,6 +83,8 @@ ss_http_multipart_parser(lws_ss_handle_t *h, void *in, size_t len)\n \t\t\t\t\t (h-\u003eu.http.any ? 2 : 0) /* crlf */),\n \t\t\t\t (!h-\u003eu.http.som ? LWSSS_FLAG_SOM : 0) |\n \t\t\t\t LWSSS_FLAG_EOM | LWSSS_FLAG_RELATED_END);\n+\t\t\t\th-\u003eu.http.eom \u003d 1;\n+\t\t\t}\n \n \t\t\t/*\n \t\t\t * Peer may not END_STREAM us\n@@ -123,28 +126,59 @@ ss_http_multipart_parser(lws_ss_handle_t *h, void *in, size_t len)\n \t\t\t * remainder to send.\n \t\t\t */\n \t\t\tif (n \u003e\u003d pending_issue + h-\u003eu.http.boundary_len +\n-\t\t\t (h-\u003eu.http.any ? 2 : 0))\n+\t\t\t (h-\u003eu.http.any ? 2 : 0)) {\n \t\t\t\th-\u003einfo.rx(ss_to_userobj(h), \u0026q[pending_issue],\n \t\t\t\t\t (unsigned int)(n - pending_issue -\n \t\t\t\t\t h-\u003eu.http.boundary_len -\n \t\t\t\t\t (h-\u003eu.http.any ? 2 /* crlf */ : 0)),\n \t\t\t\t\t (!h-\u003eu.http.som ? LWSSS_FLAG_SOM : 0) |\n \t\t\t\t\t LWSSS_FLAG_EOM);\n+\t\t\t\th-\u003eu.http.eom \u003d 1;\n+\t\t\t}\n \t\t}\n \n \t\t/* Next message starts after this boundary */\n \n \t\tpending_issue \u003d n;\n-\t\th-\u003eu.http.som \u003d 0;\n+\t\tif (h-\u003eu.http.eom) {\n+\t\t\t/* reset only if we have sent eom */\n+\t\t\th-\u003eu.http.som \u003d 0;\n+\t\t\th-\u003eu.http.eom \u003d 0;\n+\t\t}\n \n around:\n \t\tn++;\n \t}\n \n \tif (pending_issue !\u003d n) {\n+\t\tuint8_t oh \u003d 0;\n+\n+\t\t/*\n+\t\t * handle the first or last \u0022--boundaryCRLF\u0022 case which is not captured in the\n+\t\t * previous loop, on the Bob downchannel (/directive)\n+\t\t *\n+\t\t * probably does not cover the case that one boundary term is separated in multipile\n+\t\t * one callbacks though never see such case\n+\t\t */\n+\n+\t\tif ((n \u003e\u003d h-\u003eu.http.boundary_len) \u0026\u0026\n+\t\t\th-\u003eu.http.boundary_seq \u003d\u003d h-\u003eu.http.boundary_len \u0026\u0026\n+\t\t\th-\u003eu.http.boundary_post \u003d\u003d 2) {\n+\n+\t\t\toh \u003d 1;\n+\t\t}\n+\n \t\th-\u003einfo.rx(ss_to_userobj(h), \u0026q[pending_issue],\n-\t\t\t\t(unsigned int)(n - pending_issue),\n-\t\t\t (!h-\u003eu.http.som ? LWSSS_FLAG_SOM : 0));\n+\t\t\t\t(unsigned int)(oh ?\n+\t\t\t\t(n - pending_issue - h-\u003eu.http.boundary_len -\n+\t\t\t\t\t(h-\u003eu.http.any ? 2 : 0)) :\n+\t\t\t\t(n - pending_issue)),\n+\t\t\t (!h-\u003eu.http.som ? LWSSS_FLAG_SOM : 0) |\n+\t\t\t (oh \u0026\u0026 h-\u003eu.http.any ? LWSSS_FLAG_EOM : 0));\n+\n+\t\tif (oh \u0026\u0026 h-\u003eu.http.any)\n+\t\t\th-\u003eu.http.eom \u003d 1;\n+\n \t\th-\u003eu.http.any \u003d 1;\n \t\th-\u003eu.http.som \u003d 1;\n \t}\ndiff --git a/lib/secure-streams/protocols/ss-h2.c b/lib/secure-streams/protocols/ss-h2.c\nindex 2bd772d..9e1fe85 100644\n--- a/lib/secure-streams/protocols/ss-h2.c\n+++ b/lib/secure-streams/protocols/ss-h2.c\n@@ -96,7 +96,7 @@ secstream_h2(struct lws *wsi, enum lws_callback_reasons reason, void *user,\n \t\t * The peer has sent us additional tx credit...\n \t\t */\n \t\tlwsl_info(\u0022%s: LWS_CALLBACK_WSI_TX_CREDIT_GET: %d\u005cn\u0022,\n-\t\t\t __func__, (int32_t)len);\n+\t\t\t __func__, (int)len);\n \n #if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n \t\tif (h-\u003ebeing_serialized)\n","s":{"c":1752654218,"u": 2787}} ],"g": 4448,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}