Browse code

modules/utils: added check on size of http_query reply

- Added check on actual size of http_query reply body that fixes possible
crash if body does not contain a linefeed.
- If body does not contain a linefeed, return whole body as result.

Juha Heinanen authored on 24/07/2009 16:10:23
Showing 1 changed files
... ...
@@ -73,6 +73,7 @@ int http_query(struct sip_msg* _m, char* _url, char* _dst)
73 73
     long stat;
74 74
     pv_spec_t *dst;
75 75
     pv_value_t val;
76
+    double download_size;
76 77
 
77 78
     if (fixup_get_svalue(_m, (gparam_p)_url, &value) != 0) {
78 79
 	LM_ERR("cannot get page value\n");
... ...
@@ -113,12 +114,17 @@ int http_query(struct sip_msg* _m, char* _url, char* _dst)
113 113
 
114 114
     curl_easy_getinfo(curl, CURLINFO_HTTP_CODE, &stat);
115 115
     if ((stat >= 200) && (stat < 400)) {
116
-	at = index(stream, (char)10);  /* search for line feed */
116
+	curl_easy_getinfo(curl, CURLINFO_SIZE_DOWNLOAD, &download_size);
117
+	LM_DBG("http_query download size: %u\n", (unsigned int)download_size);
118
+	/* search for line feed */
119
+	at = memchr(stream, (char)10, download_size);
117 120
 	if (at == NULL) {
118
-	    at = stream;  /* set empty string */
121
+	    /* not found: use whole stream */
122
+	    at = stream + (unsigned int)download_size;
119 123
 	}
120 124
 	val.rs.s = stream;
121 125
 	val.rs.len = at - stream;
126
+	LM_DBG("http)query result: %.*s\n", val.rs.len, val.rs.s);
122 127
 	val.flags = PV_VAL_STR;
123 128
 	dst = (pv_spec_t *)_dst;
124 129
 	dst->setf(_m, &dst->pvp, (int)EQ_T, &val);