diff --git a/lib/core/service.c b/lib/core/service.c index e3cfebcb0..48ad13708 100644 --- a/lib/core/service.c +++ b/lib/core/service.c @@ -732,8 +732,7 @@ lws_service_periodic_checks(struct lws_context *context, continue; } - if (lws_hdr_copy(wsi, buf, - sizeof buf, m) > 0) { + if (lws_hdr_copy(wsi, buf, sizeof buf, m) > 0) { buf[sizeof(buf) - 1] = '\0'; lwsl_notice(" %s = %s\n", diff --git a/lib/roles/http/server/access-log.c b/lib/roles/http/server/access-log.c index 8b8beaeaa..b61aa4154 100644 --- a/lib/roles/http/server/access-log.c +++ b/lib/roles/http/server/access-log.c @@ -97,35 +97,36 @@ lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int uri_len, int met l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT); if (l) { - wsi->http.access_log.user_agent = lws_malloc(l + 2, "access log"); + wsi->http.access_log.user_agent = lws_malloc(l + 5, "access log"); + wsi->http.access_log.user_agent[0] = '\0'; if (!wsi->http.access_log.user_agent) { lwsl_err("OOM getting user agent\n"); lws_free_set_NULL(wsi->http.access_log.header_log); return; } - lws_hdr_copy(wsi, wsi->http.access_log.user_agent, - l + 1, WSI_TOKEN_HTTP_USER_AGENT); - - for (m = 0; m < l; m++) - if (wsi->http.access_log.user_agent[m] == '\"') - wsi->http.access_log.user_agent[m] = '\''; + if (lws_hdr_copy(wsi, wsi->http.access_log.user_agent, l + 4, + WSI_TOKEN_HTTP_USER_AGENT) >= 0) + for (m = 0; m < l; m++) + if (wsi->http.access_log.user_agent[m] == '\"') + wsi->http.access_log.user_agent[m] = '\''; } l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER); if (l) { - wsi->http.access_log.referrer = lws_malloc(l + 2, "referrer"); + wsi->http.access_log.referrer = lws_malloc(l + 5, "referrer"); + wsi->http.access_log.referrer[0] = '\0'; if (!wsi->http.access_log.referrer) { - lwsl_err("OOM getting user agent\n"); + lwsl_err("OOM getting referrer\n"); lws_free_set_NULL(wsi->http.access_log.user_agent); lws_free_set_NULL(wsi->http.access_log.header_log); return; } - lws_hdr_copy(wsi, wsi->http.access_log.referrer, - l + 1, WSI_TOKEN_HTTP_REFERER); + if (lws_hdr_copy(wsi, wsi->http.access_log.referrer, + l + 4, WSI_TOKEN_HTTP_REFERER) >= 0) - for (m = 0; m < l; m++) - if (wsi->http.access_log.referrer[m] == '\"') - wsi->http.access_log.referrer[m] = '\''; + for (m = 0; m < l; m++) + if (wsi->http.access_log.referrer[m] == '\"') + wsi->http.access_log.referrer[m] = '\''; } wsi->access_log_pending = 1; } diff --git a/lib/roles/http/server/lws-spa.c b/lib/roles/http/server/lws-spa.c index 6d3a7ea3a..bdf456389 100644 --- a/lib/roles/http/server/lws-spa.c +++ b/lib/roles/http/server/lws-spa.c @@ -80,7 +80,7 @@ lws_urldecode_s_create(struct lws *wsi, char *out, int out_len, void *data, { struct lws_urldecode_stateful *s = lws_zalloc(sizeof(*s), "stateful urldecode"); - char buf[200], *p; + char buf[205], *p; int m = 0; if (!s) diff --git a/lib/roles/http/server/server.c b/lib/roles/http/server/server.c index 147ff2f74..61e82ac13 100644 --- a/lib/roles/http/server/server.c +++ b/lib/roles/http/server/server.c @@ -902,8 +902,8 @@ lws_http_action(struct lws *wsi) struct lws_process_html_args args; const struct lws_http_mount *hit = NULL; unsigned int n; - char http_version_str[10]; - char http_conn_str[20]; + char http_version_str[12]; + char http_conn_str[25]; int http_version_len; char *uri_ptr = NULL, *s; int uri_len = 0, meth, m; @@ -949,14 +949,15 @@ lws_http_action(struct lws *wsi) wsi->http.rx_content_length = 100 * 1024 * 1024; if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - lws_hdr_copy(wsi, content_length_str, + if (lws_hdr_copy(wsi, content_length_str, sizeof(content_length_str) - 1, - WSI_TOKEN_HTTP_CONTENT_LENGTH); - wsi->http.rx_content_length = atoll(content_length_str); - if (!wsi->http.rx_content_length) { - wsi->http.content_length_explicitly_zero = 1; - lwsl_debug("%s: explicit 0 content-length\n", - __func__); + WSI_TOKEN_HTTP_CONTENT_LENGTH) > 0) { + wsi->http.rx_content_length = atoll(content_length_str); + if (!wsi->http.rx_content_length) { + wsi->http.content_length_explicitly_zero = 1; + lwsl_debug("%s: explicit 0 content-length\n", + __func__); + } } } @@ -985,10 +986,9 @@ lws_http_action(struct lws *wsi) conn_type = HTTP_CONNECTION_CLOSE; /* Override default if http "Connection:" header: */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) { - lws_hdr_copy(wsi, http_conn_str, - sizeof(http_conn_str) - 1, - WSI_TOKEN_CONNECTION); + if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION) && + lws_hdr_copy(wsi, http_conn_str, sizeof(http_conn_str) - 1, + WSI_TOKEN_CONNECTION) > 0) { http_conn_str[sizeof(http_conn_str) - 1] = '\0'; if (!strcasecmp(http_conn_str, "keep-alive")) conn_type = HTTP_CONNECTION_KEEP_ALIVE; diff --git a/plugins/protocol_lws_status.c b/plugins/protocol_lws_status.c index 943d14b05..d77b25ac2 100644 --- a/plugins/protocol_lws_status.c +++ b/plugins/protocol_lws_status.c @@ -43,7 +43,7 @@ struct per_session_data__lws_status { struct per_session_data__lws_status *next; struct lws *wsi; time_t time_est; - char user_agent[128]; + char user_agent[256]; e_walk walk; struct per_session_data__lws_status *walk_next; @@ -119,10 +119,10 @@ callback_lws_status(struct lws *wsi, enum lws_callback_reasons reason, time(&pss->time_est); pss->wsi = wsi; - strcpy(pss->user_agent, "unknown"); - lws_hdr_copy(wsi, pss->user_agent, sizeof(pss->user_agent), - WSI_TOKEN_HTTP_USER_AGENT); + if (lws_hdr_copy(wsi, pss->user_agent, sizeof(pss->user_agent), + WSI_TOKEN_HTTP_USER_AGENT) < 0) /* too big */ + strcpy(pss->user_agent, "unknown"); trigger_resend(vhd); break; diff --git a/test-apps/test-server.c b/test-apps/test-server.c index b9e053ab4..355dbc5ee 100644 --- a/test-apps/test-server.c +++ b/test-apps/test-server.c @@ -106,10 +106,14 @@ lws_callback_http(struct lws *wsi, enum lws_callback_reasons reason, void *user, continue; } - lws_hdr_copy(wsi, buf, sizeof buf, n); - buf[sizeof(buf) - 1] = '\0'; + if (lws_hdr_copy(wsi, buf, sizeof buf, n) < 0) + fprintf(stderr, " %s (too big)\n", + (char *)c, buf); + else { + buf[sizeof(buf) - 1] = '\0'; - fprintf(stderr, " %s = %s\n", (char *)c, buf); + fprintf(stderr, " %s = %s\n", (char *)c, buf); + } n++; } while (c);