From b8e462c8e3ae7171912709a10cea505fa1fe62d3 Mon Sep 17 00:00:00 2001 From: Jean-Frederic Clere Date: Mon, 9 Dec 2024 15:50:02 +0100 Subject: [PATCH] Fixes according Sashan review. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Reviewed-by: Neil Horman Reviewed-by: Saša Nedvědický (Merged from https://github.com/openssl/openssl/pull/25859) --- demos/http3/ossl-nghttp3-demo-server.c | 74 +++++++++++++++----------- 1 file changed, 42 insertions(+), 32 deletions(-) diff --git a/demos/http3/ossl-nghttp3-demo-server.c b/demos/http3/ossl-nghttp3-demo-server.c index 1744e64c01f..b72ad8f7170 100644 --- a/demos/http3/ossl-nghttp3-demo-server.c +++ b/demos/http3/ossl-nghttp3-demo-server.c @@ -24,7 +24,9 @@ #define nghttp3_arraylen(A) (sizeof(A) / sizeof(*(A))) /* The crappy test wants 20 bytes */ -static uint8_t nulldata[20] = "12345678901234567890"; +#define NULL_PAYLOAD "12345678901234567890" +static uint8_t *nulldata = (uint8_t *) NULL_PAYLOAD; +static size_t nulldata_sz = sizeof(NULL_PAYLOAD) - 1; /* The nghttp3 variable we need in the main part and read_from_ssl_ids */ static nghttp3_settings settings; @@ -281,13 +283,16 @@ static int on_recv_header(nghttp3_conn *conn, int64_t stream_id, int32_t token, fprintf(stderr, "\n"); if (token == NGHTTP3_QPACK_TOKEN__PATH) { - memcpy(h3ssl->url, vvalue.base, vvalue.len); + int len = (((vvalue.len) < (MAXURL)) ? (vvalue.len) : (MAXURL)); + + memcpy(h3ssl->url, vvalue.base, len); if (h3ssl->url[0] == '/') { if (h3ssl->url[1] == '\0') { - strcpy(h3ssl->url, "index.html"); + strncpy(h3ssl->url, "index.html", MAXURL); + h3ssl->url[MAXURL - 1] = '\0'; } else { - memcpy(h3ssl->url, h3ssl->url + 1, vvalue.len - 1); - h3ssl->url[vvalue.len - 1] = '\0'; + memcpy(h3ssl->url, h3ssl->url + 1, len - 1); + h3ssl->url[len - 1] = '\0'; } } } @@ -374,52 +379,53 @@ static int quic_server_read(nghttp3_conn *h3conn, SSL *stream, uint64_t id, stru */ static int quic_server_h3streams(nghttp3_conn *h3conn, struct h3ssl *h3ssl) { - SSL *rstream; - SSL *pstream; - SSL *cstream; + SSL *rstream = NULL; + SSL *pstream = NULL; + SSL *cstream = NULL; + SSL *conn; uint64_t r_streamid, p_streamid, c_streamid; - struct ssl_id *ssl_ids = h3ssl->ssl_ids; - rstream = SSL_new_stream(ssl_ids[1].s, SSL_STREAM_FLAG_UNI); + conn = get_ids_connection(h3ssl); + if (conn == NULL) { + fprintf(stderr, "quic_server_h3streams no connection\n"); + fflush(stderr); + return -1; + } + rstream = SSL_new_stream(conn, SSL_STREAM_FLAG_UNI); if (rstream != NULL) { - fprintf(stderr, "=> Opened on %llu\n", + printf("=> Opened on %llu\n", (unsigned long long)SSL_get_stream_id(rstream)); - fflush(stderr); } else { fprintf(stderr, "=> Stream == NULL!\n"); - fflush(stderr); - return -1; + goto err; } - pstream = SSL_new_stream(ssl_ids[1].s, SSL_STREAM_FLAG_UNI); + pstream = SSL_new_stream(conn, SSL_STREAM_FLAG_UNI); if (pstream != NULL) { - fprintf(stderr, "=> Opened on %llu\n", + printf("=> Opened on %llu\n", (unsigned long long)SSL_get_stream_id(pstream)); - fflush(stderr); } else { fprintf(stderr, "=> Stream == NULL!\n"); - fflush(stderr); - return -1; + goto err; } - cstream = SSL_new_stream(ssl_ids[1].s, SSL_STREAM_FLAG_UNI); + cstream = SSL_new_stream(conn, SSL_STREAM_FLAG_UNI); if (cstream != NULL) { fprintf(stderr, "=> Opened on %llu\n", (unsigned long long)SSL_get_stream_id(cstream)); fflush(stderr); } else { fprintf(stderr, "=> Stream == NULL!\n"); - fflush(stderr); - return -1; + goto err; } r_streamid = SSL_get_stream_id(rstream); p_streamid = SSL_get_stream_id(pstream); c_streamid = SSL_get_stream_id(cstream); if (nghttp3_conn_bind_qpack_streams(h3conn, p_streamid, r_streamid)) { fprintf(stderr, "nghttp3_conn_bind_qpack_streams failed!\n"); - return -1; + goto err; } if (nghttp3_conn_bind_control_stream(h3conn, c_streamid)) { fprintf(stderr, "nghttp3_conn_bind_qpack_streams failed!\n"); - return -1; + goto err; } printf("control: %llu enc %llu dec %llu\n", (unsigned long long)c_streamid, @@ -430,6 +436,15 @@ static int quic_server_h3streams(nghttp3_conn *h3conn, struct h3ssl *h3ssl) add_id(SSL_get_stream_id(cstream), cstream, h3ssl); return 0; +err: + fflush(stderr); + if (rstream != NULL) + SSL_free(rstream); + if (pstream != NULL) + SSL_free(pstream); + if (cstream != NULL) + SSL_free(cstream); + return -1; } /* Try to read from the streams we have */ @@ -487,14 +502,9 @@ static int read_from_ssl_ids(nghttp3_conn **curh3conn, struct h3ssl *h3ssl) h3ssl->done = 0; /* Process all the item we have polled */ - item = NULL; - for (i = 0; i < numitem; i++) { + for (i = 0, item = items; i < numitem; i++, item++) { SSL *s; - if (!item) - item = items; - else - item++; if (item->revents == SSL_POLL_EVENT_NONE) continue; processed_event = 0; @@ -1123,9 +1133,9 @@ static int run_quic_server(SSL_CTX *ctx, int fd) h3ssl.ldata = get_file_length(&h3ssl); if (h3ssl.ldata == 0) { /* We don't find the file: use default test string */ - sprintf(slength, "%d", 20); h3ssl.ptr_data = nulldata; - h3ssl.ldata = 20; + h3ssl.ldata = nulldata_sz; + sprintf(slength, "%d", h3ssl.ldata); /* content-type: text/html */ make_nv(&resp[num_nv++], "content-type", "text/html"); } else if (h3ssl.ldata == INT_MAX) { -- 2.47.2