[mw-devel] MW3 r1379 - trunk/src/client

Thu Jul 16 16:25:54 BST 2015

Author: arthur
Date: 2015-07-16 16:25:54 +0100 (Thu, 16 Jul 2015)
New Revision: 1379

Modified:
   trunk/src/client/js.c
   trunk/src/client/js.h
   trunk/src/client/log.c
Log:
Attempt to spot mwuri transfers that are not html and abort them early


Modified: trunk/src/client/js.c
===================================================================

--- trunk/src/client/js.c	2015-02-10 13:34:41 UTC (rev 1378)
+++ trunk/src/client/js.c	2015-07-16 15:25:54 UTC (rev 1379)
@@ -737,6 +737,37 @@
 	return block_append(b, ptr, addsize);
 }
 
+/* buffer up the headers and parse them on the way
+ * if you find a bad content type then abort the connection
+ */
+size_t headlimit(  void  *ptr,  size_t  size, size_t nmemb, void *stream)
+{
+	int addsize = size*nmemb;
+	struct block_t *b = stream;
+
+	if (stream == NULL) return 0;
+	int done = block_append(b, ptr, addsize);
+
+	/* given too much header, choke on it */
+	if (done < addsize) return done;
+
+	/* look for a whole Content-type */
+	char *p = strcasestr(b->p_buffer, "Content-Type: ");
+	if (p) {
+		char *end = strchr(p+14, '\r');
+		if (end == NULL) end = strchr(p+14, '\n');
+		/* we have the entire content-type line, parse it */
+		if (end != NULL) {
+			if (strncasecmp(p+14, "text/html",9)!=0) {
+				/* not html, skip the rest & body*/
+				return 0;
+			}
+		}
+	}
+
+	return done;
+}
+
 /* Function to make a url GET request and return the resulting page
  */
 static JSBool js_urlget(JSContext *cx, unsigned int argc, jsval *vp) 

Modified: trunk/src/client/js.h
===================================================================
--- trunk/src/client/js.h	2015-02-10 13:34:41 UTC (rev 1378)
+++ trunk/src/client/js.h	2015-07-16 15:25:54 UTC (rev 1379)
@@ -12,5 +12,6 @@
 int stop_js(void);
 int setup_js(void);
 size_t urldata(void *ptr, size_t size, size_t nmemb, void *stream);
+size_t headlimit(void *ptr, size_t size, size_t nmemb, void *stream);
 
 #endif /* JS_H */

Modified: trunk/src/client/log.c
===================================================================
--- trunk/src/client/log.c	2015-02-10 13:34:41 UTC (rev 1378)
+++ trunk/src/client/log.c	2015-07-16 15:25:54 UTC (rev 1379)
@@ -238,13 +238,15 @@
 	char *title=NULL;
 	char flags[1024];
 	struct block_t * deli=block_new(1024);
-	struct block_t * body=block_new(4096);
+	struct block_t * body=block_new(1024);
+	struct block_t * head=block_new(4096);
 
 	c = curl_easy_init();
 
 	/* set max download sizes */
 	block_limit(deli, 8192); 
-	block_limit(body, 4096); 
+	block_limit(body, 8192); 
+	block_limit(head, 4096); 
 
 	/* lets go fishing on del.icio.us */
 	url = cleanup_url(uri->url);
@@ -275,6 +277,8 @@
 	/* grab the pages title */
 	curl_easy_setopt(c, CURLOPT_URL, url);
 	curl_easy_setopt(c, CURLOPT_WRITEDATA, body);
+	curl_easy_setopt(c, CURLOPT_HEADERFUNCTION, headlimit);
+	curl_easy_setopt(c, CURLOPT_WRITEHEADER, head);
 	curl_easy_perform(c);
 
 	if (body->i_used > 0) {
@@ -397,6 +401,7 @@
 int block_append(struct block_t *p, void *data, int size)
 {
 	if (p == NULL) return 0;
+	/* buffers are always kept nul terminated */
 	int newsize = p->i_used + size + 1;
 	/* it needs to be bigger grow it */
 	if (newsize > p->i_size) {
@@ -407,6 +412,7 @@
 	}
 	memcpy(&p->p_buffer[p->i_used], data, size);
 	p->i_used += size;
+	/* terminate it for safe string searches */
 	p->p_buffer[p->i_used] = 0;
 	return size;
 }


