From: Christos Tsantilas Date: Tue, 31 May 2011 21:06:39 +0000 (+0300) Subject: Support multiline quoted-string header fields X-Git-Tag: take08~55^2~157 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5f5ddef6275b3a2f9a0282192c37c86029d0a6c1;p=thirdparty%2Fsquid.git Support multiline quoted-string header fields Currently the httpHeaderParseQuotedString does not support multiline quoted string fields. According the rfc2616 multiline quoted string fields should supported: quoted-string = ( <"> *(qdtext | quoted-pair ) <"> ) qdtext = > TEXT = LWS = [CRLF] 1*( SP | HT ) This patch replaces the "[\r]\n " or "[\r]\n\t" with a single space. This is a Measurement Factory project --- diff --git a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc index 8d7ba32709..b5137c8647 100644 --- a/src/HttpHeaderTools.cc +++ b/src/HttpHeaderTools.cc @@ -336,25 +336,51 @@ httpHeaderParseQuotedString(const char *start, const int len, String *val) const char *end, *pos; val->clean(); if (*start != '"') { - debugs(66, 2, "failed to parse a quoted-string header field near '" << start << "'"); + debugs(66, 2, HERE << "failed to parse a quoted-string header field near '" << start << "'"); return 0; } pos = start + 1; while (*pos != '"' && len > (pos-start)) { + + if (*pos =='\r') { + pos++; + if ((pos-start) > len || *pos != '\n') { + debugs(66, 2, HERE << "failed to parse a quoted-string header field with '\\r' octet " << (start-pos) + << " bytes into '" << start << "'"); + val->clean(); + return 0; + } + } + + if (*pos == '\n') { + pos++; + if ( (pos-start) > len || (*pos != ' ' && *pos != '\t')) { + debugs(66, 2, HERE << "failed to parse multiline quoted-string header field '" << start << "'"); + val->clean(); + return 0; + } + // TODO: replace the entire LWS with a space + val->append(" "); + pos++; + debugs(66, 2, HERE << "len < pos-start => " << len << " < " << (pos-start)); + continue; + } + bool quoted = (*pos == '\\'); - if (quoted) + if (quoted) { pos++; - if (!*pos || (pos-start) > len) { - debugs(66, 2, "failed to parse a quoted-string header field near '" << start << "'"); - val->clean(); - return 0; + if (!*pos || (pos-start) > len) { + debugs(66, 2, HERE << "failed to parse a quoted-string header field near '" << start << "'"); + val->clean(); + return 0; + } } end = pos; - while (end <= (start+len) && *end != '\\' && *end != '\"' && *end > 0x1F && *end != 0x7F) + while (end < (start+len) && *end != '\\' && *end != '\"' && *end > 0x1F && *end != 0x7F) end++; - if (*end <= 0x1F || *end == 0x7F) { - debugs(66, 2, "failed to parse a quoted-string header field with CTL octet " << (start-pos) + if ((*end <= 0x1F && *end != '\r' && *end != '\n') || *end == 0x7F) { + debugs(66, 2, HERE << "failed to parse a quoted-string header field with CTL octet " << (start-pos) << " bytes into '" << start << "'"); val->clean(); return 0; @@ -362,6 +388,12 @@ httpHeaderParseQuotedString(const char *start, const int len, String *val) val->append(pos, end-pos); pos = end; } + + if (*pos != '\"') { + debugs(66, 2, HERE << "failed to parse a quoted-string header field which did not end with \" "); + val->clean(); + return 0; + } /* Make sure it's defined even if empty "" */ if (!val->defined()) val->limitInit("", 0);