Documentation Source Text

Check-in [6faf1e47b9]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fixes to the CGI handling in althttpd.c.
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 6faf1e47b91142fb7e9a39505a8fd79b2bf18f95a3078e04c145b679b4325f21
User & Date: drh 2018-08-08 17:36:12
Context
2018-08-15
13:21
Pre-expand key railroad diagrams in the windowfunctions.html page. check-in: 61483bc834 user: drh tags: trunk
2018-08-08
17:36
Fixes to the CGI handling in althttpd.c. check-in: 6faf1e47b9 user: drh tags: trunk
2018-08-06
01:42
Fix typos in the windowfunction documentation. check-in: ab3b52646c user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to misc/althttpd.c.

   785    785   static int CheckBasicAuthorization(const char *zAuthFile){
   786    786     FILE *in;
   787    787     char *zRealm = "unknown realm";
   788    788     char *zLoginPswd;
   789    789     char *zName;
   790    790     char zLine[2000];
   791    791   
   792         -  in = fopen(zAuthFile, "r");
          792  +  in = fopen(zAuthFile, "rb");
   793    793     if( in==0 ){
   794    794       NotFound(150);  /* LOG: Cannot open -auth file */
   795    795       return 0;
   796    796     }
   797    797     if( zAuthArg ) Decode64(zAuthArg);
   798    798     while( fgets(zLine, sizeof(zLine), in) ){
   799    799       char *zFieldName;
................................................................................
  1393   1393       }
  1394   1394       sprintf(zTmpNamBuf, "/tmp/-post-data-XXXXXX");
  1395   1395       zTmpNam = zTmpNamBuf;
  1396   1396       if( mkstemp(zTmpNam)<0 ){
  1397   1397         Malfunction(280,  /* LOG: mkstemp() failed */
  1398   1398                  "Cannot create a temp file in which to store POST data");
  1399   1399       }
  1400         -    out = fopen(zTmpNam,"w");
         1400  +    out = fopen(zTmpNam,"wb");
  1401   1401       if( out==0 ){
  1402   1402         StartResponse("500 Cannot create /tmp file");
  1403   1403         nOut += printf(
  1404   1404           "Content-type: text/plain\r\n"
  1405   1405           "\r\n"
  1406   1406           "Could not open \"%s\" for writing\n", zTmpNam
  1407   1407         );
................................................................................
  1609   1609         { "SCRIPT_NAME",                 &zRealScript },
  1610   1610         { "SERVER_NAME",                 &zServerName },
  1611   1611         { "SERVER_PORT",                 &zServerPort },
  1612   1612         { "SERVER_PROTOCOL",             &zProtocol },
  1613   1613       };
  1614   1614       char *zBaseFilename;         /* Filename without directory prefix */
  1615   1615       int seenContentLength = 0;   /* True if Content-length: header seen */
         1616  +    int contentLength = 0;       /* The content length */
  1616   1617       int nRes = 0;                /* Bytes of payload */
  1617   1618       int nMalloc = 0;             /* Bytes of space allocated to aRes */
  1618   1619       char *aRes = 0;              /* Payload */
  1619   1620   
  1620   1621       /* If its executable, it must be a CGI program.  Start by
  1621   1622       ** changing directories to the directory holding the program.
  1622   1623       */
................................................................................
  1692   1693           }
  1693   1694           close(px[1]);
  1694   1695           for(i=3; close(i)==0; i++){}
  1695   1696           execl(zBaseFilename, zBaseFilename, (char*)0);
  1696   1697           exit(0);
  1697   1698         }
  1698   1699         close(px[1]);
  1699         -      in = fdopen(px[0], "r");
         1700  +      in = fdopen(px[0], "rb");
  1700   1701       }
  1701   1702       if( in==0 ){
  1702   1703         CgiError();
  1703   1704       }
  1704   1705   
  1705   1706       /* Read and process the first line of the header returned by the
  1706   1707       ** CGI script.
................................................................................
  1717   1718           int i;
  1718   1719           for(i=7; isspace(zLine[i]); i++){}
  1719   1720           nOut += printf("%s %s", zProtocol, &zLine[i]);
  1720   1721           strncpy(zReplyStatus, &zLine[i], 3);
  1721   1722           zReplyStatus[3] = 0;
  1722   1723           statusSent = 1;
  1723   1724         }else{
  1724         -        if( strncasecmp(zLine, "Content-length:", 14)==0 ){
         1725  +                            /*  123456789 12345 */
         1726  +        if( strncasecmp(zLine, "Content-length:", 15)==0 ){
  1725   1727             seenContentLength = 1;
         1728  +          contentLength = atoi(zLine+15);
  1726   1729           }
  1727   1730           StartResponse("200 OK");
  1728   1731           nOut += printf("%s",zLine);
  1729   1732         }
  1730   1733       }
  1731   1734   
  1732   1735       /* Copy everything else thru without change or analysis.
  1733   1736       */
  1734   1737       StartResponse("200 OK");
  1735   1738       if( useTimeout ) alarm(60*5);
  1736   1739       if( seenContentLength ){
  1737   1740         nOut += printf("%s", zLine);
  1738         -      while( (c = getc(in))!=EOF ){
         1741  +      while( (contentLength--)>0 && (c = getc(in))!=EOF ){
  1739   1742           putc(c,stdout);
  1740   1743           nOut++;
  1741   1744         }
  1742   1745       }else{
  1743   1746         nRes = 0;
  1744   1747         nMalloc = 1000;
  1745   1748         aRes = malloc(nMalloc+1);
................................................................................
  1783   1786         nOut += printf("Cache-Control: max-age=%d\r\n", mxAge);
  1784   1787         nOut += printf("ETag: \"%s\"\r\n", zETag);
  1785   1788         nOut += printf("\r\n");
  1786   1789         fflush(stdout);
  1787   1790         MakeLogEntry(0, 470);  /* LOG: ETag Cache Hit */
  1788   1791         return;
  1789   1792       }
  1790         -    in = fopen(zFile,"r");
         1793  +    in = fopen(zFile,"rb");
  1791   1794       if( in==0 ) NotFound(480); /* LOG: fopen() failed for static content */
  1792   1795       StartResponse("200 OK");
  1793   1796       nOut += DateTag("Last-Modified", statbuf.st_mtime);
  1794   1797       nOut += printf("Cache-Control: max-age=%d\r\n", mxAge);
  1795   1798       nOut += printf("ETag: \"%s\"\r\n", zETag);
  1796   1799       nOut += printf("Content-type: %s\r\n",zContentType);
  1797   1800       nOut += printf("Content-length: %d\r\n\r\n",(int)statbuf.st_size);