Message ID | 1485782396-22341-1-git-send-email-den@openvz.org |
---|---|
State | New |
What is #PSBM-57554 referring to ? Is that some custom bug tracker you have ? I'm going to drop that unless it's something we need to keep

On Mon, Jan 30, 2017 at 04:19:56PM +0300, Denis V. Lunev wrote:
> From: Anton Nefedov <anton.nefedov@virtuozzo.com>
>
> According to RFC7230 Section 3.2, header field name is case-insensitive.
>
> The haystack string length is limited by 4096 bytes by
> qio_channel_websock_handshake_read().
>
> Further, handshake_process() dups and NULL-terminates the string
> so it is safe to call non length-limited functions like strcasestr().
>
> Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
> Signed-off-by: Denis V. Lunev <den@openvz.org>
> CC: Daniel P. Berrange <berrange@redhat.com>
> ---
> io/channel-websock.c | 25 ++++++++++++++-----------
> 1 file changed, 14 insertions(+), 11 deletions(-)

Reviewed-by: Daniel P. Berrange <berrange@redhat.com>

will add this to my io queue

Regards,
Daniel

On 01/30/2017 06:47 PM, Daniel P. Berrange wrote:
> What is #PSBM-57554 referring to ? Is that some custom bug tracker
> you have ? I'm going to drop that unless it's something we need to
> keep

It must be dropped. Sorry, this is my mistake.

Den

> On Mon, Jan 30, 2017 at 04:19:56PM +0300, Denis V. Lunev wrote:
>> From: Anton Nefedov <anton.nefedov@virtuozzo.com>
>>
>> According to RFC7230 Section 3.2, header field name is case-insensitive.
>>
>> The haystack string length is limited by 4096 bytes by
>> qio_channel_websock_handshake_read().
>>
>> Further, handshake_process() dups and NULL-terminates the string
>> so it is safe to call non length-limited functions like strcasestr().
>>
>> Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
>> Signed-off-by: Denis V. Lunev <den@openvz.org>
>> CC: Daniel P. Berrange <berrange@redhat.com>
>> ---
>> io/channel-websock.c | 25 ++++++++++++++-----------
>> 1 file changed, 14 insertions(+), 11 deletions(-)
> Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
>
> will add this to my io queue
>
> Regards,
> Daniel

On Mon, Jan 30, 2017 at 04:19:56PM +0300, Denis V. Lunev wrote: > From: Anton Nefedov <anton.nefedov@virtuozzo.com> > > According to RFC7230 Section 3.2, header field name is case-insensitive. > > The haystack string length is limited by 4096 bytes by > qio_channel_websock_handshake_read(). > > Further, handshake_process() dups and NULL-terminates the string > so it is safe to call non length-limited functions like strcasestr(). > > Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com> > Signed-off-by: Denis V. Lunev <den@openvz.org> > CC: Daniel P. Berrange <berrange@redhat.com> > --- > io/channel-websock.c | 25 ++++++++++++++----------- > 1 file changed, 14 insertions(+), 11 deletions(-) > > diff --git a/io/channel-websock.c b/io/channel-websock.c > index d5a4ed3..991925a 100644 > --- a/io/channel-websock.c > +++ b/io/channel-websock.c > @@ -108,18 +108,16 @@ enum { > }; > > static char *qio_channel_websock_handshake_entry(const char *handshake, > - size_t handshake_len, > const char *name) > { > char *begin, *end, *ret = NULL; > char *line = g_strdup_printf("%s%s: ", > QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM, > name); > - begin = g_strstr_len(handshake, handshake_len, line); > + begin = strcasestr(handshake, line); So this turns out to break Windows builds since there's no strcasestr on Mingw. There's no alternative that I know of in glib and I don't fancy implementing a custom strcasestr() function. So I'm going to drop this patch entirely, and copy you on an alternative fix that simply converts the input data to lowercase before comparison. Would appreciate if you can test my alternate patch with whatever client you had problems with. Regards, Daniel
On 02/27/2017 11:11 PM, Daniel P. Berrange wrote: > On Mon, Jan 30, 2017 at 04:19:56PM +0300, Denis V. Lunev wrote: >> From: Anton Nefedov <anton.nefedov@virtuozzo.com> >> >> According to RFC7230 Section 3.2, header field name is case-insensitive. >> >> The haystack string length is limited by 4096 bytes by >> qio_channel_websock_handshake_read(). >> >> Further, handshake_process() dups and NULL-terminates the string >> so it is safe to call non length-limited functions like strcasestr(). >> >> Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com> >> Signed-off-by: Denis V. Lunev <den@openvz.org> >> CC: Daniel P. Berrange <berrange@redhat.com> >> --- >> io/channel-websock.c | 25 ++++++++++++++----------- >> 1 file changed, 14 insertions(+), 11 deletions(-) >> >> diff --git a/io/channel-websock.c b/io/channel-websock.c >> index d5a4ed3..991925a 100644 >> --- a/io/channel-websock.c >> +++ b/io/channel-websock.c >> @@ -108,18 +108,16 @@ enum { >> }; >> >> static char *qio_channel_websock_handshake_entry(const char *handshake, >> - size_t handshake_len, >> const char *name) >> { >> char *begin, *end, *ret = NULL; >> char *line = g_strdup_printf("%s%s: ", >> QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM, >> name); >> - begin = g_strstr_len(handshake, handshake_len, line); >> + begin = strcasestr(handshake, line); > So this turns out to break Windows builds since there's no strcasestr > on Mingw. There's no alternative that I know of in glib and I don't > fancy implementing a custom strcasestr() function. So I'm going to > drop this patch entirely, and copy you on an alternative fix that > simply converts the input data to lowercase before comparison. Would > appreciate if you can test my alternate patch with whatever client > you had problems with. > > Regards, > Daniel Sure!
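A way to do the header lookup discussed in the thread above without strcasestr(), as an added example: it is not QEMU code and not either patch from the thread. It uses ISO C only, compares the header name case-insensitively at the start of a line, and copies the value unchanged; unlike the patch it also accepts any amount of space or tab after the colon. `header_value`, `ascii_ncase_eq` and the sample request are hypothetical names and constructed data.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample handshake; header names use mixed case on purpose. */
static const char SAMPLE[] =
    "GET / HTTP/1.1\r\nHost: example.test\r\n"
    "sec-websocket-KEY: dGhlIHNhbXBsZSBub25jZQ==\r\n"
    "X-Note: Sec-WebSocket-Version: 99\r\nSec-WebSocket-Version:13\r\n\r\n";

/* ISO C only: 1 if the first n bytes of a and b match ignoring ASCII case. */
static int ascii_ncase_eq(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* hs must be NUL-terminated. Returns a heap copy of the value of header
 * `name`, or NULL if absent. Name matches at line start only; caller frees. */
char *header_value(const char *hs, const char *name)
{
    size_t nlen = strlen(name);
    const char *line = strstr(hs, "\r\n");       /* skip the request line */
    while (line != NULL && line[2] != '\0') {
        const char *p = line + 2, *eol = strstr(p, "\r\n");
        if (eol == NULL || eol == p)
            break;                               /* truncated, or end of headers */
        if (ascii_ncase_eq(p, name, nlen) && p[nlen] == ':') {
            const char *v = p + nlen + 1;
            while (v < eol && (*v == ' ' || *v == '\t'))
                v++;                             /* optional whitespace */
            size_t vlen = (size_t)(eol - v);
            char *out = calloc(vlen + 1, 1);     /* zero-filled, so NUL-terminated */
            return out ? memcpy(out, v, vlen) : NULL;
        }
        line = eol;
    }
    return NULL;
}

int main(void)
{
    char *key = header_value(SAMPLE, "Sec-WebSocket-Key");
    printf("key=%s\n", key ? key : "(absent)");
    free(key);
    return 0;
}
```

Only the name is case-folded, so a case-sensitive value such as the base64 key comes back byte for byte.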
diff --git a/io/channel-websock.c b/io/channel-websock.c index d5a4ed3..991925a 100644 --- a/io/channel-websock.c +++ b/io/channel-websock.c @@ -108,18 +108,16 @@ enum { }; static char *qio_channel_websock_handshake_entry(const char *handshake, - size_t handshake_len, const char *name) { char *begin, *end, *ret = NULL; char *line = g_strdup_printf("%s%s: ", QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM, name); - begin = g_strstr_len(handshake, handshake_len, line); + begin = strcasestr(handshake, line); if (begin != NULL) { begin += strlen(line); - end = g_strstr_len(begin, handshake_len - (begin - handshake), - QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM); + end = strstr(begin, QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM); if (end != NULL) { ret = g_strndup(begin, end - begin); } @@ -170,12 +168,14 @@ static int qio_channel_websock_handshake_process(QIOChannelWebsock *ioc, Error **errp) { int ret = -1; + /* make it NULL-terminated */ + char *handshake = g_strndup(line, size); char *protocols = qio_channel_websock_handshake_entry( - line, size, QIO_CHANNEL_WEBSOCK_HEADER_PROTOCOL); + handshake, QIO_CHANNEL_WEBSOCK_HEADER_PROTOCOL); char *version = qio_channel_websock_handshake_entry( - line, size, QIO_CHANNEL_WEBSOCK_HEADER_VERSION); + handshake, QIO_CHANNEL_WEBSOCK_HEADER_VERSION); char *key = qio_channel_websock_handshake_entry( - line, size, QIO_CHANNEL_WEBSOCK_HEADER_KEY); + handshake, QIO_CHANNEL_WEBSOCK_HEADER_KEY); if (!protocols) { error_setg(errp, "Missing websocket protocol header data"); @@ -213,6 +213,7 @@ static int qio_channel_websock_handshake_process(QIOChannelWebsock *ioc, ret = qio_channel_websock_handshake_send_response(ioc, key, errp); cleanup: + g_free(handshake); g_free(protocols); g_free(version); g_free(key); 
@@ -248,10 +249,12 @@ static int qio_channel_websock_handshake_read(QIOChannelWebsock *ioc, } } - if (qio_channel_websock_handshake_process(ioc, - (char *)ioc->encinput.buffer, - ioc->encinput.offset, - errp) < 0) { + if (qio_channel_websock_handshake_process( + ioc, + (char *)ioc->encinput.buffer, + handshake_end - (char *)ioc->encinput.buffer + + strlen(QIO_CHANNEL_WEBSOCK_HANDSHAKE_END), + errp) < 0) { return -1; }
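Review bot: In the qio_channel_websock_handshake_entry hunk (@@ -108,18 +108,16 @@), dropping handshake_len leaves both searches unbounded, so the function now silently requires a NUL-terminated handshake, and nothing at the function says so. Please add a comment above it stating that precondition, since the only thing guaranteeing it is the g_strndup() in the caller. Also, strcasestr() is not ISO C and the thread reports it missing on Mingw, so this call needs a portable replacement. Note too that the pattern built by "%s%s: " still requires exactly a colon and one space after the name, so only the case of the name is relaxed.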
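Review bot: In the qio_channel_websock_handshake_process hunk (@@ -170,12 +168,14 @@), the comment on the g_strndup(line, size) line says "NULL-terminated" where it means NUL-terminated; NULL is the pointer constant. It would also help to note there that strcasestr() and strstr() stop at the first NUL byte, so a NUL inside client-supplied data hides every header after it and they are treated as absent, as in the "Missing websocket protocol header data" path.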
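Review bot: In the qio_channel_websock_handshake_read hunk (@@ -248,10 +249,12 @@), the size argument changes from ioc->encinput.offset to the offset just past QIO_CHANNEL_WEBSOCK_HANDSHAKE_END, a behaviour change the commit message does not mention; please explain it there. The expression repeats the (char *)ioc->encinput.buffer cast and adds a pointer difference to strlen(); computing it once into a named size_t local before the call would make the bound easier to audit.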