From: Daniel Stenberg Date: Fri, 13 Sep 2024 15:55:05 +0000 (+0200) Subject: http: make max-filesize check not count ignored bodies X-Git-Tag: curl-8_10_1~21 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aef384a7df23c5f52940112593f071d83e3cca05;p=thirdparty%2Fcurl.git http: make max-filesize check not count ignored bodies Add test 477 to verify Reported-by: MasterInQuestion on github Fixes #14899 Closes #14900 --- diff --git a/lib/http.c b/lib/http.c index 0cd2d4f2aa..f00c803af4 100644 --- a/lib/http.c +++ b/lib/http.c @@ -3283,10 +3283,13 @@ CURLcode Curl_http_size(struct Curl_easy *data) } else if(k->size != -1) { if(data->set.max_filesize && - k->size > data->set.max_filesize) { + !k->ignorebody && + (k->size > data->set.max_filesize)) { failf(data, "Maximum file size exceeded"); return CURLE_FILESIZE_EXCEEDED; } + if(k->ignorebody) + infof(data, "setting size while ignoring"); Curl_pgrsSetDownloadSize(data, k->size); k->maxdownload = k->size; } @@ -3625,13 +3628,6 @@ static CURLcode http_on_response(struct Curl_easy *data, } - /* This is the last response that we will got for the current request. - * Check on the body size and determine if the response is complete. - */ - result = Curl_http_size(data); - if(result) - goto out; - /* If we requested a "no body", this is a good time to get * out and return home. */ @@ -3651,6 +3647,12 @@ static CURLcode http_on_response(struct Curl_easy *data, /* final response without error, prepare to receive the body */ result = Curl_http_firstwrite(data); + if(!result) + /* This is the last response that we get for the current request. + * Check on the body size and determine if the response is complete. + */ + result = Curl_http_size(data); + out: if(last_hd) { /* if not written yet, write it now */ diff --git a/lib/sendf.c b/lib/sendf.c index d95564e6b1..6f566622fd 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -336,7 +336,7 @@ static CURLcode cw_download_write(struct Curl_easy *data, connclose(data->conn, "excess found in a read"); } } - else if(nwrite < nbytes) { + else if((nwrite < nbytes) && !data->req.ignorebody) { failf(data, "Exceeded the maximum allowed file size " "(%" FMT_OFF_T ") with %" FMT_OFF_T " bytes", data->set.max_filesize, data->req.bytecount); diff --git a/tests/data/DISABLED b/tests/data/DISABLED index bf7274344c..80f835d4b7 100644 --- a/tests/data/DISABLED +++ b/tests/data/DISABLED @@ -68,6 +68,7 @@ # 1591, 1943. See https://github.com/hyperium/hyper/issues/2699 for details. %if hyper 266 +477 500 579 587 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 7cce30f913..9e6fb7bb8a 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -77,7 +77,7 @@ test435 test436 test437 test438 test439 test440 test441 test442 test443 \ test444 test445 test446 test447 test448 test449 test450 test451 test452 \ test453 test454 test455 test456 test457 test458 test459 test460 test461 \ test462 test463 test467 test468 test469 test470 test471 test472 test473 \ -test474 test475 test476 \ +test474 test475 test476 test477 \ \ test490 test491 test492 test493 test494 test495 test496 test497 test498 \ test499 test500 test501 test502 test503 test504 test505 test506 test507 \ diff --git a/tests/data/test477 b/tests/data/test477 new file mode 100644 index 0000000000..12843918ef --- /dev/null +++ b/tests/data/test477 @@ -0,0 +1,67 @@ + + + +HTTP +HTTP GET +--max-filesize + + + +# +# Server-side + + +HTTP/1.1 301 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: %TESTNUMBER0002 +Accept-Ranges: bytes +Content-Length: 26 +Funny-head: yesyes + +aaaaaaaaaaaaaaaaaaaa-foo- + + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Accept-Ranges: bytes +Content-Length: 4 +Funny-head: yesyes + +hej + + + +# +# Client-side + + +http + + +HTTP GET with maximum filesize with a redirect sending data + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 5 -L + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +