handle NULL bytes in HTTP replies which could throw off our gross

header processing.

surf-wessels 1004> client -h www.hcs.ohio-state.edu -p 80 '/random.cgi$cover.rnd' | od -c
0000000   H   T   T   P   /   1   .   0       3   0   2       F   o   u
0000020   n   d  \r  \n   S   e   r   v   e   r   :       R   a   n   d
0000040   o   m   U   R   L   /   1  \r  \n   L   o   c   a   t   i   o
0000060   n   :       h   t   t   p   :   /   /   1   4   0   .   2   5
0000100   4   .   8   4   .   2   0   0   /   i   m   a   g   e   s   /
0000120   h   c   s   /   c   o   v   e   r   /   c   d   1   8   3   6
0000140   -   3   2   .   g   i   f  \r  \n  \0  \r  \n  \r  \n

diff --git a/src/client_side.cc b/src/client_side.cc
index b1451dbef5f34737f4a35d29df23a3001da0a542..067598bb32a05b82b9fe9ff68c2db448dde2a174 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side.cc,v 1.247 1998/04/01 17:24:09 wessels Exp $
+ * $Id: client_side.cc,v 1.248 1998/04/01 21:23:02 wessels Exp $
  *
  * DEBUG: section 33    Client-side Routines
  * AUTHOR: Duane Wessels
@@ -839,6 +839,9 @@ clientBuildReplyHeader(clientHttpRequest * http,
     end = hdr_in + hdr_len;
     for (t = hdr_in; t < end; t += strcspn(t, crlf), t += strspn(t, crlf)) {
        l = strcspn(t, crlf) + 1;
+       /* Wow, we might find a NULL before 'end' */
+       if (1 == l)
+           break;
        xstrncpy(xbuf, t, l > 4096 ? 4096 : l);
        /* enforce 1.0 reply version, this hack will be rewritten */
        if (t == hdr_in && !strncasecmp(xbuf, "HTTP/", 5) && l > 8 &&

diff --git a/src/http.cc b/src/http.cc
index aa6cc9663caf1d3a891b00cc5e8917647dd6c9ab..51a11b774cd0f4ac2227306259461910c02ea14d 100644 (file)
--- a/src/http.cc
+++ b/src/http.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: http.cc,v 1.261 1998/03/31 05:37:42 wessels Exp $
+ * $Id: http.cc,v 1.262 1998/04/01 21:23:01 wessels Exp $
  *
  * DEBUG: section 11    Hypertext Transfer Protocol (HTTP)
  * AUTHOR: Harvest Derived
@@ -625,7 +625,8 @@ httpBuildRequestHeader(request_t * request,
        l = strcspn(t, crlf) + 1;
        if (l > 4096)
            l = 4096;
-       if (0 == l)
+       /* We might find a NULL before 'end' */
+       if (1 == l)
            break;
        xstrncpy(xbuf, t, l);
        debug(11, 5) ("httpBuildRequestHeader: %s\n", xbuf);