summaryrefslogtreecommitdiff
path: root/networking
diff options
context:
space:
mode:
authorDenis Vlasenko <vda.linux@googlemail.com>2007-01-03 23:02:18 +0000
committerDenis Vlasenko <vda.linux@googlemail.com>2007-01-03 23:02:18 +0000
commita773af3b1dad96808d794e12f0758dc0ba4502fa (patch)
tree0ec979b37e51ea77cb3c9a6faf69f50a5b9dd461 /networking
parenta8951cbc34c83fc73e3a3e271e6026b43b51690b (diff)
downloadbusybox-w32-a773af3b1dad96808d794e12f0758dc0ba4502fa.tar.gz
busybox-w32-a773af3b1dad96808d794e12f0758dc0ba4502fa.tar.bz2
busybox-w32-a773af3b1dad96808d794e12f0758dc0ba4502fa.zip
httpd: read cgi output with full_read, not safe_read
(avoids mangling of HTTP headers)
Diffstat (limited to 'networking')
-rw-r--r--networking/httpd.c21
1 files changed, 10 insertions, 11 deletions
diff --git a/networking/httpd.c b/networking/httpd.c
index ff5c14672..bf3da36d9 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -91,10 +91,8 @@
91 * 91 *
92*/ 92*/
93 93
94
95#include "busybox.h" 94#include "busybox.h"
96 95
97
98static const char httpdVersion[] = "busybox httpd/1.35 6-Oct-2004"; 96static const char httpdVersion[] = "busybox httpd/1.35 6-Oct-2004";
99static const char default_path_httpd_conf[] = "/etc"; 97static const char default_path_httpd_conf[] = "/etc";
100static const char httpd_conf[] = "httpd.conf"; 98static const char httpd_conf[] = "httpd.conf";
@@ -1065,7 +1063,7 @@ static int sendCgi(const char *url,
1065 * It should not be decoded in any fashion. This variable 1063 * It should not be decoded in any fashion. This variable
1066 * should always be set when there is query information, 1064 * should always be set when there is query information,
1067 * regardless of command line decoding. */ 1065 * regardless of command line decoding. */
1068 /* (Older versions of bbox seemed to do some decoding) */ 1066 /* (Older versions of bbox seem to do some decoding) */
1069 setenv1("QUERY_STRING", config->query); 1067 setenv1("QUERY_STRING", config->query);
1070 setenv1("SERVER_SOFTWARE", httpdVersion); 1068 setenv1("SERVER_SOFTWARE", httpdVersion);
1071 putenv("SERVER_PROTOCOL=HTTP/1.0"); 1069 putenv("SERVER_PROTOCOL=HTTP/1.0");
@@ -1097,7 +1095,7 @@ static int sendCgi(const char *url,
1097 goto error_execing_cgi; 1095 goto error_execing_cgi;
1098 *script = '\0'; 1096 *script = '\0';
1099 if (chdir(realpath_buff) == 0) { 1097 if (chdir(realpath_buff) == 0) {
1100 // now run the program. If it fails, 1098 // Now run the program. If it fails,
1101 // use _exit() so no destructors 1099 // use _exit() so no destructors
1102 // get called and make a mess. 1100 // get called and make a mess.
1103#if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR 1101#if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
@@ -1210,21 +1208,22 @@ static int sendCgi(const char *url,
1210#endif 1208#endif
1211 1209
1212 /* There is something to read */ 1210 /* There is something to read */
1213 count = safe_read(inFd, rbuf, PIPESIZE); 1211 /* NB: was safe_read. If it *has to be* safe_read, */
1212 /* please explain why in this comment... */
1213 count = full_read(inFd, rbuf, PIPESIZE);
1214 if (count == 0) 1214 if (count == 0)
1215 break; /* closed */ 1215 break; /* closed */
1216 if (count > 0) { 1216 if (count > 0) {
1217 if (firstLine) { 1217 if (firstLine) {
1218 /* full_read (above) avoids
1219 * "chopped up into small chunks" syndrome here */
1218 rbuf[count] = 0; 1220 rbuf[count] = 0;
1219 /* check to see if the user script added headers */ 1221 /* check to see if the user script added headers */
1220 if (strncmp(rbuf, "HTTP/1.0 200 OK\r\n", 4) != 0) { 1222 if (strncmp(rbuf, "HTTP/1.0 200 OK\r\n", 4) != 0) {
1223 /* there is no "HTTP", do it ourself */
1221 full_write(s, "HTTP/1.0 200 OK\r\n", 17); 1224 full_write(s, "HTTP/1.0 200 OK\r\n", 17);
1222 } 1225 } /* hmm, maybe 'else if'? */
1223 /* Sometimes CGI is writing to pipe in small chunks 1226 if (!strstr(rbuf, "ontent-")) {
1224 * and we don't see Content-type (because the read
1225 * is too short) and we emit bogus "text/plain"!
1226 * Is it a bug or CGI *has to* write it in one piece? */
1227 if (strstr(rbuf, "ontent-") == 0) {
1228 full_write(s, "Content-type: text/plain\r\n\r\n", 28); 1227 full_write(s, "Content-type: text/plain\r\n\r\n", 28);
1229 } 1228 }
1230 firstLine = 0; 1229 firstLine = 0;