/src/curl/lib/http_chunks.c
Line | Count | Source (jump to first uncovered line) |
1 | | /*************************************************************************** |
2 | | * _ _ ____ _ |
3 | | * Project ___| | | | _ \| | |
4 | | * / __| | | | |_) | | |
5 | | * | (__| |_| | _ <| |___ |
6 | | * \___|\___/|_| \_\_____| |
7 | | * |
8 | | * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. |
9 | | * |
10 | | * This software is licensed as described in the file COPYING, which |
11 | | * you should have received as part of this distribution. The terms |
12 | | * are also available at https://curl.se/docs/copyright.html. |
13 | | * |
14 | | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
15 | | * copies of the Software, and permit persons to whom the Software is |
16 | | * furnished to do so, under the terms of the COPYING file. |
17 | | * |
18 | | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
19 | | * KIND, either express or implied. |
20 | | * |
21 | | * SPDX-License-Identifier: curl |
22 | | * |
23 | | ***************************************************************************/ |
24 | | |
25 | | #include "curl_setup.h" |
26 | | |
27 | | #ifndef CURL_DISABLE_HTTP |
28 | | |
29 | | #include "urldata.h" /* it includes http_chunks.h */ |
30 | | #include "sendf.h" /* for the client write stuff */ |
31 | | #include "dynbuf.h" |
32 | | #include "content_encoding.h" |
33 | | #include "http.h" |
34 | | #include "strtoofft.h" |
35 | | #include "warnless.h" |
36 | | |
37 | | /* The last #include files should be: */ |
38 | | #include "curl_memory.h" |
39 | | #include "memdebug.h" |
40 | | |
41 | | /* |
42 | | * Chunk format (simplified): |
43 | | * |
44 | | * <HEX SIZE>[ chunk extension ] CRLF |
45 | | * <DATA> CRLF |
46 | | * |
47 | | * Highlights from RFC2616 section 3.6 say: |
48 | | |
49 | | The chunked encoding modifies the body of a message in order to |
50 | | transfer it as a series of chunks, each with its own size indicator, |
51 | | followed by an OPTIONAL trailer containing entity-header fields. This |
52 | | allows dynamically produced content to be transferred along with the |
53 | | information necessary for the recipient to verify that it has |
54 | | received the full message. |
55 | | |
56 | | Chunked-Body = *chunk |
57 | | last-chunk |
58 | | trailer |
59 | | CRLF |
60 | | |
61 | | chunk = chunk-size [ chunk-extension ] CRLF |
62 | | chunk-data CRLF |
63 | | chunk-size = 1*HEX |
64 | | last-chunk = 1*("0") [ chunk-extension ] CRLF |
65 | | |
66 | | chunk-extension= *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) |
67 | | chunk-ext-name = token |
68 | | chunk-ext-val = token | quoted-string |
69 | | chunk-data = chunk-size(OCTET) |
70 | | trailer = *(entity-header CRLF) |
71 | | |
72 | | The chunk-size field is a string of hex digits indicating the size of |
73 | | the chunk. The chunked encoding is ended by any chunk whose size is |
74 | | zero, followed by the trailer, which is terminated by an empty line. |
75 | | |
76 | | */ |
77 | | |
78 | | #define isxdigit_ascii(x) Curl_isxdigit(x) |
79 | | |
80 | | void Curl_httpchunk_init(struct Curl_easy *data) |
81 | 0 | { |
82 | 0 | struct connectdata *conn = data->conn; |
83 | 0 | struct Curl_chunker *chunk = &conn->chunk; |
84 | 0 | chunk->hexindex = 0; /* start at 0 */ |
85 | 0 | chunk->state = CHUNK_HEX; /* we get hex first! */ |
86 | 0 | Curl_dyn_init(&conn->trailer, DYN_H1_TRAILER); |
87 | 0 | } |
88 | | |
89 | | /* |
90 | | * chunk_read() returns a OK for normal operations, or a positive return code |
91 | | * for errors. STOP means this sequence of chunks is complete. The 'wrote' |
92 | | * argument is set to tell the caller how many bytes we actually passed to the |
93 | | * client (for byte-counting and whatever). |
94 | | * |
95 | | * The states and the state-machine is further explained in the header file. |
96 | | * |
97 | | * This function always uses ASCII hex values to accommodate non-ASCII hosts. |
98 | | * For example, 0x0d and 0x0a are used instead of '\r' and '\n'. |
99 | | */ |
100 | | CHUNKcode Curl_httpchunk_read(struct Curl_easy *data, |
101 | | char *datap, |
102 | | ssize_t datalen, |
103 | | ssize_t *wrote, |
104 | | CURLcode *extrap) |
105 | 0 | { |
106 | 0 | CURLcode result = CURLE_OK; |
107 | 0 | struct connectdata *conn = data->conn; |
108 | 0 | struct Curl_chunker *ch = &conn->chunk; |
109 | 0 | struct SingleRequest *k = &data->req; |
110 | 0 | size_t piece; |
111 | 0 | curl_off_t length = (curl_off_t)datalen; |
112 | |
|
113 | 0 | *wrote = 0; /* nothing's written yet */ |
114 | | |
115 | | /* the original data is written to the client, but we go on with the |
116 | | chunk read process, to properly calculate the content length */ |
117 | 0 | if(data->set.http_te_skip && !k->ignorebody) { |
118 | 0 | result = Curl_client_write(data, CLIENTWRITE_BODY, datap, datalen); |
119 | 0 | if(result) { |
120 | 0 | *extrap = result; |
121 | 0 | return CHUNKE_PASSTHRU_ERROR; |
122 | 0 | } |
123 | 0 | } |
124 | | |
125 | 0 | while(length) { |
126 | 0 | switch(ch->state) { |
127 | 0 | case CHUNK_HEX: |
128 | 0 | if(ISXDIGIT(*datap)) { |
129 | 0 | if(ch->hexindex < CHUNK_MAXNUM_LEN) { |
130 | 0 | ch->hexbuffer[ch->hexindex] = *datap; |
131 | 0 | datap++; |
132 | 0 | length--; |
133 | 0 | ch->hexindex++; |
134 | 0 | } |
135 | 0 | else { |
136 | 0 | return CHUNKE_TOO_LONG_HEX; /* longer hex than we support */ |
137 | 0 | } |
138 | 0 | } |
139 | 0 | else { |
140 | 0 | char *endptr; |
141 | 0 | if(0 == ch->hexindex) |
142 | | /* This is illegal data, we received junk where we expected |
143 | | a hexadecimal digit. */ |
144 | 0 | return CHUNKE_ILLEGAL_HEX; |
145 | | |
146 | | /* length and datap are unmodified */ |
147 | 0 | ch->hexbuffer[ch->hexindex] = 0; |
148 | |
|
149 | 0 | if(curlx_strtoofft(ch->hexbuffer, &endptr, 16, &ch->datasize)) |
150 | 0 | return CHUNKE_ILLEGAL_HEX; |
151 | 0 | ch->state = CHUNK_LF; /* now wait for the CRLF */ |
152 | 0 | } |
153 | 0 | break; |
154 | | |
155 | 0 | case CHUNK_LF: |
156 | | /* waiting for the LF after a chunk size */ |
157 | 0 | if(*datap == 0x0a) { |
158 | | /* we're now expecting data to come, unless size was zero! */ |
159 | 0 | if(0 == ch->datasize) { |
160 | 0 | ch->state = CHUNK_TRAILER; /* now check for trailers */ |
161 | 0 | } |
162 | 0 | else |
163 | 0 | ch->state = CHUNK_DATA; |
164 | 0 | } |
165 | |
|
166 | 0 | datap++; |
167 | 0 | length--; |
168 | 0 | break; |
169 | | |
170 | 0 | case CHUNK_DATA: |
171 | | /* We expect 'datasize' of data. We have 'length' right now, it can be |
172 | | more or less than 'datasize'. Get the smallest piece. |
173 | | */ |
174 | 0 | piece = curlx_sotouz((ch->datasize >= length)?length:ch->datasize); |
175 | | |
176 | | /* Write the data portion available */ |
177 | 0 | if(!data->set.http_te_skip && !k->ignorebody) { |
178 | 0 | if(!data->set.http_ce_skip && k->writer_stack) |
179 | 0 | result = Curl_unencode_write(data, k->writer_stack, datap, piece); |
180 | 0 | else |
181 | 0 | result = Curl_client_write(data, CLIENTWRITE_BODY, datap, piece); |
182 | |
|
183 | 0 | if(result) { |
184 | 0 | *extrap = result; |
185 | 0 | return CHUNKE_PASSTHRU_ERROR; |
186 | 0 | } |
187 | 0 | } |
188 | | |
189 | 0 | *wrote += piece; |
190 | 0 | ch->datasize -= piece; /* decrease amount left to expect */ |
191 | 0 | datap += piece; /* move read pointer forward */ |
192 | 0 | length -= piece; /* decrease space left in this round */ |
193 | |
|
194 | 0 | if(0 == ch->datasize) |
195 | | /* end of data this round, we now expect a trailing CRLF */ |
196 | 0 | ch->state = CHUNK_POSTLF; |
197 | 0 | break; |
198 | | |
199 | 0 | case CHUNK_POSTLF: |
200 | 0 | if(*datap == 0x0a) { |
201 | | /* The last one before we go back to hex state and start all over. */ |
202 | 0 | Curl_httpchunk_init(data); /* sets state back to CHUNK_HEX */ |
203 | 0 | } |
204 | 0 | else if(*datap != 0x0d) |
205 | 0 | return CHUNKE_BAD_CHUNK; |
206 | 0 | datap++; |
207 | 0 | length--; |
208 | 0 | break; |
209 | | |
210 | 0 | case CHUNK_TRAILER: |
211 | 0 | if((*datap == 0x0d) || (*datap == 0x0a)) { |
212 | 0 | char *tr = Curl_dyn_ptr(&conn->trailer); |
213 | | /* this is the end of a trailer, but if the trailer was zero bytes |
214 | | there was no trailer and we move on */ |
215 | |
|
216 | 0 | if(tr) { |
217 | 0 | size_t trlen; |
218 | 0 | result = Curl_dyn_addn(&conn->trailer, (char *)STRCONST("\x0d\x0a")); |
219 | 0 | if(result) |
220 | 0 | return CHUNKE_OUT_OF_MEMORY; |
221 | | |
222 | 0 | tr = Curl_dyn_ptr(&conn->trailer); |
223 | 0 | trlen = Curl_dyn_len(&conn->trailer); |
224 | 0 | if(!data->set.http_te_skip) { |
225 | 0 | result = Curl_client_write(data, |
226 | 0 | CLIENTWRITE_HEADER|CLIENTWRITE_TRAILER, |
227 | 0 | tr, trlen); |
228 | 0 | if(result) { |
229 | 0 | *extrap = result; |
230 | 0 | return CHUNKE_PASSTHRU_ERROR; |
231 | 0 | } |
232 | 0 | } |
233 | 0 | Curl_dyn_reset(&conn->trailer); |
234 | 0 | ch->state = CHUNK_TRAILER_CR; |
235 | 0 | if(*datap == 0x0a) |
236 | | /* already on the LF */ |
237 | 0 | break; |
238 | 0 | } |
239 | 0 | else { |
240 | | /* no trailer, we're on the final CRLF pair */ |
241 | 0 | ch->state = CHUNK_TRAILER_POSTCR; |
242 | 0 | break; /* don't advance the pointer */ |
243 | 0 | } |
244 | 0 | } |
245 | 0 | else { |
246 | 0 | result = Curl_dyn_addn(&conn->trailer, datap, 1); |
247 | 0 | if(result) |
248 | 0 | return CHUNKE_OUT_OF_MEMORY; |
249 | 0 | } |
250 | 0 | datap++; |
251 | 0 | length--; |
252 | 0 | break; |
253 | | |
254 | 0 | case CHUNK_TRAILER_CR: |
255 | 0 | if(*datap == 0x0a) { |
256 | 0 | ch->state = CHUNK_TRAILER_POSTCR; |
257 | 0 | datap++; |
258 | 0 | length--; |
259 | 0 | } |
260 | 0 | else |
261 | 0 | return CHUNKE_BAD_CHUNK; |
262 | 0 | break; |
263 | | |
264 | 0 | case CHUNK_TRAILER_POSTCR: |
265 | | /* We enter this state when a CR should arrive so we expect to |
266 | | have to first pass a CR before we wait for LF */ |
267 | 0 | if((*datap != 0x0d) && (*datap != 0x0a)) { |
268 | | /* not a CR then it must be another header in the trailer */ |
269 | 0 | ch->state = CHUNK_TRAILER; |
270 | 0 | break; |
271 | 0 | } |
272 | 0 | if(*datap == 0x0d) { |
273 | | /* skip if CR */ |
274 | 0 | datap++; |
275 | 0 | length--; |
276 | 0 | } |
277 | | /* now wait for the final LF */ |
278 | 0 | ch->state = CHUNK_STOP; |
279 | 0 | break; |
280 | | |
281 | 0 | case CHUNK_STOP: |
282 | 0 | if(*datap == 0x0a) { |
283 | 0 | length--; |
284 | | |
285 | | /* Record the length of any data left in the end of the buffer |
286 | | even if there's no more chunks to read */ |
287 | 0 | ch->datasize = curlx_sotouz(length); |
288 | |
|
289 | 0 | return CHUNKE_STOP; /* return stop */ |
290 | 0 | } |
291 | 0 | else |
292 | 0 | return CHUNKE_BAD_CHUNK; |
293 | 0 | } |
294 | 0 | } |
295 | 0 | return CHUNKE_OK; |
296 | 0 | } |
297 | | |
298 | | const char *Curl_chunked_strerror(CHUNKcode code) |
299 | 0 | { |
300 | 0 | switch(code) { |
301 | 0 | default: |
302 | 0 | return "OK"; |
303 | 0 | case CHUNKE_TOO_LONG_HEX: |
304 | 0 | return "Too long hexadecimal number"; |
305 | 0 | case CHUNKE_ILLEGAL_HEX: |
306 | 0 | return "Illegal or missing hexadecimal sequence"; |
307 | 0 | case CHUNKE_BAD_CHUNK: |
308 | 0 | return "Malformed encoding found"; |
309 | 0 | case CHUNKE_PASSTHRU_ERROR: |
310 | 0 | DEBUGASSERT(0); /* never used */ |
311 | 0 | return ""; |
312 | 0 | case CHUNKE_BAD_ENCODING: |
313 | 0 | return "Bad content-encoding found"; |
314 | 0 | case CHUNKE_OUT_OF_MEMORY: |
315 | 0 | return "Out of memory"; |
316 | 0 | } |
317 | 0 | } |
318 | | |
319 | | #endif /* CURL_DISABLE_HTTP */ |