From: Yann Ylavic Date: Sat, 13 Jun 2015 23:35:04 +0000 (+0000) Subject: Follow up to r1684513: allow spaces before and after chunk-size. X-Git-Tag: 2.5.0-alpha~3082 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8b96b3b3cebc4aa5f98e7e7f69b31f8012a53447;p=apache Follow up to r1684513: allow spaces before and after chunk-size. Slightly modified version of trawick's proposal. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1685345 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c index 8a628b9078..834b3ba38d 100644 --- a/modules/http/http_filters.c +++ b/modules/http/http_filters.c @@ -71,10 +71,11 @@ typedef struct http_filter_ctx BODY_CHUNK, /* chunk expected */ BODY_CHUNK_PART, /* chunk digits */ BODY_CHUNK_EXT, /* chunk extension */ - BODY_CHUNK_LF, /* got CR, expect LF after digits/extension */ + BODY_CHUNK_CR, /* got space(s) after digits, expect [CR]LF or ext */ + BODY_CHUNK_LF, /* got CR after digits or ext, expect LF */ BODY_CHUNK_DATA, /* data constrained by chunked encoding */ BODY_CHUNK_END, /* chunked data terminating CRLF */ - BODY_CHUNK_END_LF, /* got CR, expect LF after data */ + BODY_CHUNK_END_LF, /* got CR after data, expect LF */ BODY_CHUNK_TRAILER /* trailers */ } state; unsigned int eos_sent :1; @@ -119,6 +120,10 @@ static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer, /* handle start of the chunk */ if (ctx->state == BODY_CHUNK) { + if (c == ' ' || c == '\t') { + i++; + continue; + } if (!apr_isxdigit(c)) { /* * Detect invalid character at beginning. This also works for @@ -162,6 +167,15 @@ static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer, return APR_EINVAL; } } + else if (c == ' ' || c == '\t') { + ctx->state = BODY_CHUNK_CR; + } + else if (ctx->state == BODY_CHUNK_CR) { + /* + * ';', CR or LF expected. + */ + return APR_EINVAL; + } else if (ctx->state == BODY_CHUNK_PART) { int xvalue;