Browse code

parser: safer function to parse header name stored in short buffer

Daniel-Constantin Mierla authored on 02/09/2015 11:07:45
Showing 2 changed files
... ...
@@ -242,3 +242,31 @@ char* parse_hname2(char* const begin, const char* const end, struct hdr_field* c
242 242
 	}
243 243
 }
244 244
 
245
+/**
246
+ * parse_hname2_short() - safer version to parse header name stored in short buffers
247
+ *   - parse_hanem2() reads 4 bytes at once, expecting to walk through a buffer
248
+ *   that contains more than the header name (e.g., sip msg buf, full header buf
249
+ *   with name and body)
250
+ */
251
+char* parse_hname2_short(char* const begin, const char* const end, struct hdr_field* const hdr)
252
+{
253
+#define HBUF_MAX_SIZE 256
254
+	char hbuf[HBUF_MAX_SIZE];
255
+	char *p;
256
+
257
+	if(end-begin>=HBUF_MAX_SIZE-4) {
258
+		p = q_memchr(p, ':', end - begin);
259
+		if(p && p-4> begin) {
260
+			/* header name termination char found and enough space in buffer after it */
261
+			return parse_hname2(begin, end, hdr);
262
+		}
263
+		/* not enough space */
264
+		return NULL;
265
+	}
266
+	/* pad with whitespace - tipycal char after the ':' of the header name */
267
+	memset(hbuf, ' ', HBUF_MAX_SIZE);
268
+	memcpy(hbuf, begin, end-begin);
269
+	p = parse_hname2(hbuf, hbuf + 4 + (end-begin), hdr);
270
+	if(!p) return NULL;
271
+	return begin + (p-hbuf);
272
+}
... ...
@@ -36,5 +36,6 @@
36 36
  * @file
37 37
  */
38 38
 char* parse_hname2(char* const begin, const char* const end, struct hdr_field* const hdr);
39
+char* parse_hname2_safe(char* const begin, const char* const end, struct hdr_field* const hdr);
39 40
 
40 41
 #endif /* PARSE_HNAME2_H */