[xiph-cvs] cvs commit: icecast/src connection.c util.c util.h
Michael Smith
msmith at xiph.org
Sun Aug 11 07:23:39 PDT 2002
msmith 02/08/11 10:23:39
Modified: src connection.c util.c util.h
Log:
More path handling cleanups, and memory leak fixes.
Revision Changes Path
1.20 +31 -5 icecast/src/connection.c
Index: connection.c
===================================================================
RCS file: /usr/local/cvsroot/icecast/src/connection.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- connection.c 11 Aug 2002 14:00:56 -0000 1.19
+++ connection.c 11 Aug 2002 14:23:39 -0000 1.20
@@ -344,7 +344,7 @@
int bytes;
struct stat statbuf;
char *fullpath;
- char *uri;
+ char *rawuri, *uri;
while (global.running == ICE_RUNNING) {
memset(header, 0, 4096);
@@ -377,7 +377,17 @@
continue;
}
- uri = httpp_getvar(parser, HTTPP_VAR_URI);
+ rawuri = httpp_getvar(parser, HTTPP_VAR_URI);
+ uri = util_normalise_uri(rawuri);
+
+ if(!uri) {
+ client = client_create(con, parser);
+ bytes = sock_write(client->con->sock, "HTTP/1.0 404 File Not Found\r\nContent-Type: text/html\r\n\r\n"\
+ "<b>The path you requested was invalid.</b>\r\n");
+ if(bytes > 0) client->con->sent_bytes = bytes;
+ client_destroy(client);
+ continue;
+ }
if (parser->req_type == httpp_req_source) {
INFO1("Source logging in at mountpoint \"%s\"", uri);
@@ -387,6 +397,7 @@
INFO1("Source (%s) attempted to login with bad password", uri);
connection_close(con);
httpp_destroy(parser);
+ free(uri);
continue;
}
@@ -399,6 +410,7 @@
INFO1("Source tried to log in as %s, but is already used", uri);
connection_close(con);
httpp_destroy(parser);
+ free(uri);
avl_tree_unlock(global.source_tree);
continue;
}
@@ -407,6 +419,7 @@
if (!connection_create_source(con, parser, uri)) {
connection_close(con);
httpp_destroy(parser);
+ free(uri);
}
continue;
@@ -417,6 +430,7 @@
ERROR0("Bad password for stats connection");
connection_close(con);
httpp_destroy(parser);
+ free(uri);
continue;
}
@@ -428,7 +442,8 @@
stats->con = con;
thread_create("Stats Connection", stats_connection, (void *)stats, THREAD_DETACHED);
-
+
+ free(uri);
continue;
} else if (parser->req_type == httpp_req_play || parser->req_type == httpp_req_get) {
DEBUG0("Client connected");
@@ -449,6 +464,7 @@
DEBUG0("Stats request, sending xml stats");
stats_sendxml(client);
client_destroy(client);
+ free(uri);
continue;
}
@@ -456,8 +472,8 @@
** if the extension is .xsl, if so, then process
** this request as an XSLT request
*/
- fullpath = util_get_path_from_uri(uri);
- if (fullpath && util_check_valid_extension(fullpath) == XSLT_CONTENT) {
+ fullpath = util_get_path_from_normalised_uri(uri);
+ if (util_check_valid_extension(fullpath) == XSLT_CONTENT) {
/* If the file exists, then transform it, otherwise, write a 404 error */
if (stat(fullpath, &statbuf) == 0) {
DEBUG0("Stats request, sending XSL transformed stats");
@@ -470,9 +486,12 @@
"<b>The file you requested could not be found.</b>\r\n");
if(bytes > 0) client->con->sent_bytes = bytes;
}
+ free(fullpath);
+ free(uri);
client_destroy(client);
continue;
}
+ free(fullpath);
if(strcmp(util_get_extension(uri), "m3u") == 0) {
char *sourceuri = strdup(uri);
@@ -496,6 +515,8 @@
}
avl_tree_unlock(global.source_tree);
if(bytes > 0) client->con->sent_bytes = bytes;
+ free(sourceuri);
+ free(uri);
client_destroy(client);
continue;
}
@@ -526,6 +547,7 @@
}
avl_tree_unlock(global.source_tree);
}
+ free(uri);
client_destroy(client);
continue;
}
@@ -540,6 +562,7 @@
}
client_destroy(client);
global_unlock();
+ free(uri);
continue;
}
global_unlock();
@@ -557,6 +580,7 @@
"<b>The server is already full. Try again later.</b>\r\n");
if (bytes > 0) client->con->sent_bytes = bytes;
}
+ free(uri);
client_destroy(client);
global_unlock();
continue;
@@ -605,11 +629,13 @@
client_destroy(client);
}
+ free(uri);
continue;
} else {
ERROR0("Wrong request type from client");
connection_close(con);
httpp_destroy(parser);
+ free(uri);
continue;
}
} else {
<p><p>1.8 +30 -9 icecast/src/util.c
Index: util.c
===================================================================
RCS file: /usr/local/cvsroot/icecast/src/util.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- util.c 11 Aug 2002 14:00:56 -0000 1.7
+++ util.c 11 Aug 2002 14:23:39 -0000 1.8
@@ -182,13 +182,39 @@
return 1;
}
+char *util_get_path_from_uri(char *uri) {
+ char *path = util_normalise_uri(uri);
+ char *fullpath;
+
+ if(!path)
+ return NULL;
+ else {
+ fullpath = util_get_path_from_normalised_uri(path);
+ free(path);
+ return fullpath;
+ }
+}
+
+char *util_get_path_from_normalised_uri(char *uri) {
+ char *fullpath;
+
+ fullpath = malloc(strlen(uri) + strlen(config_get_config()->webroot_dir) + 1);
+ strcpy(fullpath, config_get_config()->webroot_dir);
+
+ strcat(fullpath, uri);
+
+ return fullpath;
+}
+
+
+
+
/* Get an absolute path (from the webroot dir) from a URI. Return NULL if the
* path contains 'disallowed' sequences like foo/../ (which could be used to
* escape from the webroot) or if it cannot be URI-decoded.
* Caller should free the path.
*/
-char *util_get_path_from_uri(char *uri) {
- char *root = config_get_config()->webroot_dir;
+char *util_normalise_uri(char *uri) {
int urilen = strlen(uri);
unsigned char *path;
char *dst;
@@ -198,12 +224,9 @@
if(uri[0] != '/')
return NULL;
- path = calloc(1, urilen + strlen(root) + 1);
-
- strcpy(path, root);
-
- dst = path+strlen(root);
+ path = calloc(1, urilen + 1);
+ dst = path;
for(i=0; i < urilen; i++) {
switch(uri[i]) {
@@ -235,8 +258,6 @@
if(done)
break;
}
-
- DEBUG1("After URI-decode path is \"%s\"", path);
*dst = 0; /* null terminator */
<p><p>1.6 +2 -0 icecast/src/util.h
Index: util.h
===================================================================
RCS file: /usr/local/cvsroot/icecast/src/util.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- util.h 11 Aug 2002 14:00:56 -0000 1.5
+++ util.h 11 Aug 2002 14:23:39 -0000 1.6
@@ -9,5 +9,7 @@
int util_check_valid_extension(char *uri);
char *util_get_extension(char *path);
char *util_get_path_from_uri(char *uri);
+char *util_get_path_from_normalised_uri(char *uri);
+char *util_normalise_uri(char *uri);
#endif /* __UTIL_H__ */
<p><p>--- >8 ----
List archives: http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to 'cvs-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the commits
mailing list