1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
23 #include "curl_setup.h"
24
25 #ifndef CURL_DISABLE_HTTP
26
27 #include "urldata.h" /* it includes http_chunks.h */
28 #include "sendf.h" /* for the client write stuff */
29
30 #include "content_encoding.h"
31 #include "http.h"
32 #include "non-ascii.h" /* for Curl_convert_to_network prototype */
33 #include "strtoofft.h"
34 #include "warnless.h"
35
36 /* The last #include files should be: */
37 #include "curl_memory.h"
38 #include "memdebug.h"
39
40 /*
41 * Chunk format (simplified):
42 *
43 * <HEX SIZE>[ chunk extension ] CRLF
44 * <DATA> CRLF
45 *
46 * Highlights from RFC2616 section 3.6 say:
47
48 The chunked encoding modifies the body of a message in order to
49 transfer it as a series of chunks, each with its own size indicator,
50 followed by an OPTIONAL trailer containing entity-header fields. This
51 allows dynamically produced content to be transferred along with the
52 information necessary for the recipient to verify that it has
53 received the full message.
54
55 Chunked-Body = *chunk
56 last-chunk
57 trailer
58 CRLF
59
60 chunk = chunk-size [ chunk-extension ] CRLF
61 chunk-data CRLF
62 chunk-size = 1*HEX
63 last-chunk = 1*("0") [ chunk-extension ] CRLF
64
65 chunk-extension= *( ";" chunk-ext-name [ "=" chunk-ext-val ] )
66 chunk-ext-name = token
67 chunk-ext-val = token | quoted-string
68 chunk-data = chunk-size(OCTET)
69 trailer = *(entity-header CRLF)
70
71 The chunk-size field is a string of hex digits indicating the size of
72 the chunk. The chunked encoding is ended by any chunk whose size is
73 zero, followed by the trailer, which is terminated by an empty line.
74
75 */
76
77 /* Check for an ASCII hex digit.
78 We avoid the use of isxdigit to accommodate non-ASCII hosts. */
Curl_isxdigit(char digit)79 static bool Curl_isxdigit(char digit)
80 {
81 return ( (digit >= 0x30 && digit <= 0x39) /* 0-9 */
82 || (digit >= 0x41 && digit <= 0x46) /* A-F */
83 || (digit >= 0x61 && digit <= 0x66) /* a-f */) ? TRUE : FALSE;
84 }
85
Curl_httpchunk_init(struct connectdata * conn)86 void Curl_httpchunk_init(struct connectdata *conn)
87 {
88 struct Curl_chunker *chunk = &conn->chunk;
89 chunk->hexindex=0; /* start at 0 */
90 chunk->dataleft=0; /* no data left yet! */
91 chunk->state = CHUNK_HEX; /* we get hex first! */
92 }
93
94 /*
95 * chunk_read() returns a OK for normal operations, or a positive return code
96 * for errors. STOP means this sequence of chunks is complete. The 'wrote'
97 * argument is set to tell the caller how many bytes we actually passed to the
98 * client (for byte-counting and whatever).
99 *
100 * The states and the state-machine is further explained in the header file.
101 *
102 * This function always uses ASCII hex values to accommodate non-ASCII hosts.
103 * For example, 0x0d and 0x0a are used instead of '\r' and '\n'.
104 */
Curl_httpchunk_read(struct connectdata * conn,char * datap,ssize_t datalen,ssize_t * wrotep)105 CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
106 char *datap,
107 ssize_t datalen,
108 ssize_t *wrotep)
109 {
110 CURLcode result=CURLE_OK;
111 struct Curl_easy *data = conn->data;
112 struct Curl_chunker *ch = &conn->chunk;
113 struct SingleRequest *k = &data->req;
114 size_t piece;
115 curl_off_t length = (curl_off_t)datalen;
116 size_t *wrote = (size_t *)wrotep;
117
118 *wrote = 0; /* nothing's written yet */
119
120 /* the original data is written to the client, but we go on with the
121 chunk read process, to properly calculate the content length*/
122 if(data->set.http_te_skip && !k->ignorebody) {
123 result = Curl_client_write(conn, CLIENTWRITE_BODY, datap, datalen);
124 if(result)
125 return CHUNKE_WRITE_ERROR;
126 }
127
128 while(length) {
129 switch(ch->state) {
130 case CHUNK_HEX:
131 if(Curl_isxdigit(*datap)) {
132 if(ch->hexindex < MAXNUM_SIZE) {
133 ch->hexbuffer[ch->hexindex] = *datap;
134 datap++;
135 length--;
136 ch->hexindex++;
137 }
138 else {
139 return CHUNKE_TOO_LONG_HEX; /* longer hex than we support */
140 }
141 }
142 else {
143 char *endptr;
144 if(0 == ch->hexindex)
145 /* This is illegal data, we received junk where we expected
146 a hexadecimal digit. */
147 return CHUNKE_ILLEGAL_HEX;
148
149 /* length and datap are unmodified */
150 ch->hexbuffer[ch->hexindex]=0;
151
152 /* convert to host encoding before calling strtoul */
153 result = Curl_convert_from_network(conn->data, ch->hexbuffer,
154 ch->hexindex);
155 if(result) {
156 /* Curl_convert_from_network calls failf if unsuccessful */
157 /* Treat it as a bad hex character */
158 return CHUNKE_ILLEGAL_HEX;
159 }
160
161 ch->datasize=curlx_strtoofft(ch->hexbuffer, &endptr, 16);
162 if((ch->datasize == CURL_OFF_T_MAX) && (errno == ERANGE))
163 /* overflow is an error */
164 return CHUNKE_ILLEGAL_HEX;
165 ch->state = CHUNK_LF; /* now wait for the CRLF */
166 }
167 break;
168
169 case CHUNK_LF:
170 /* waiting for the LF after a chunk size */
171 if(*datap == 0x0a) {
172 /* we're now expecting data to come, unless size was zero! */
173 if(0 == ch->datasize) {
174 ch->state = CHUNK_TRAILER; /* now check for trailers */
175 conn->trlPos=0;
176 }
177 else
178 ch->state = CHUNK_DATA;
179 }
180
181 datap++;
182 length--;
183 break;
184
185 case CHUNK_DATA:
186 /* We expect 'datasize' of data. We have 'length' right now, it can be
187 more or less than 'datasize'. Get the smallest piece.
188 */
189 piece = curlx_sotouz((ch->datasize >= length)?length:ch->datasize);
190
191 /* Write the data portion available */
192 #ifdef HAVE_LIBZ
193 switch (conn->data->set.http_ce_skip?
194 IDENTITY : data->req.auto_decoding) {
195 case IDENTITY:
196 #endif
197 if(!k->ignorebody) {
198 if(!data->set.http_te_skip)
199 result = Curl_client_write(conn, CLIENTWRITE_BODY, datap,
200 piece);
201 else
202 result = CURLE_OK;
203 }
204 #ifdef HAVE_LIBZ
205 break;
206
207 case DEFLATE:
208 /* update data->req.keep.str to point to the chunk data. */
209 data->req.str = datap;
210 result = Curl_unencode_deflate_write(conn, &data->req,
211 (ssize_t)piece);
212 break;
213
214 case GZIP:
215 /* update data->req.keep.str to point to the chunk data. */
216 data->req.str = datap;
217 result = Curl_unencode_gzip_write(conn, &data->req,
218 (ssize_t)piece);
219 break;
220
221 default:
222 failf (conn->data,
223 "Unrecognized content encoding type. "
224 "libcurl understands `identity', `deflate' and `gzip' "
225 "content encodings.");
226 return CHUNKE_BAD_ENCODING;
227 }
228 #endif
229
230 if(result)
231 return CHUNKE_WRITE_ERROR;
232
233 *wrote += piece;
234
235 ch->datasize -= piece; /* decrease amount left to expect */
236 datap += piece; /* move read pointer forward */
237 length -= piece; /* decrease space left in this round */
238
239 if(0 == ch->datasize)
240 /* end of data this round, we now expect a trailing CRLF */
241 ch->state = CHUNK_POSTLF;
242 break;
243
244 case CHUNK_POSTLF:
245 if(*datap == 0x0a) {
246 /* The last one before we go back to hex state and start all over. */
247 Curl_httpchunk_init(conn); /* sets state back to CHUNK_HEX */
248 }
249 else if(*datap != 0x0d)
250 return CHUNKE_BAD_CHUNK;
251 datap++;
252 length--;
253 break;
254
255 case CHUNK_TRAILER:
256 if((*datap == 0x0d) || (*datap == 0x0a)) {
257 /* this is the end of a trailer, but if the trailer was zero bytes
258 there was no trailer and we move on */
259
260 if(conn->trlPos) {
261 /* we allocate trailer with 3 bytes extra room to fit this */
262 conn->trailer[conn->trlPos++]=0x0d;
263 conn->trailer[conn->trlPos++]=0x0a;
264 conn->trailer[conn->trlPos]=0;
265
266 /* Convert to host encoding before calling Curl_client_write */
267 result = Curl_convert_from_network(conn->data, conn->trailer,
268 conn->trlPos);
269 if(result)
270 /* Curl_convert_from_network calls failf if unsuccessful */
271 /* Treat it as a bad chunk */
272 return CHUNKE_BAD_CHUNK;
273
274 if(!data->set.http_te_skip) {
275 result = Curl_client_write(conn, CLIENTWRITE_HEADER,
276 conn->trailer, conn->trlPos);
277 if(result)
278 return CHUNKE_WRITE_ERROR;
279 }
280 conn->trlPos=0;
281 ch->state = CHUNK_TRAILER_CR;
282 if(*datap == 0x0a)
283 /* already on the LF */
284 break;
285 }
286 else {
287 /* no trailer, we're on the final CRLF pair */
288 ch->state = CHUNK_TRAILER_POSTCR;
289 break; /* don't advance the pointer */
290 }
291 }
292 else {
293 /* conn->trailer is assumed to be freed in url.c on a
294 connection basis */
295 if(conn->trlPos >= conn->trlMax) {
296 /* we always allocate three extra bytes, just because when the full
297 header has been received we append CRLF\0 */
298 char *ptr;
299 if(conn->trlMax) {
300 conn->trlMax *= 2;
301 ptr = realloc(conn->trailer, conn->trlMax + 3);
302 }
303 else {
304 conn->trlMax=128;
305 ptr = malloc(conn->trlMax + 3);
306 }
307 if(!ptr)
308 return CHUNKE_OUT_OF_MEMORY;
309 conn->trailer = ptr;
310 }
311 conn->trailer[conn->trlPos++]=*datap;
312 }
313 datap++;
314 length--;
315 break;
316
317 case CHUNK_TRAILER_CR:
318 if(*datap == 0x0a) {
319 ch->state = CHUNK_TRAILER_POSTCR;
320 datap++;
321 length--;
322 }
323 else
324 return CHUNKE_BAD_CHUNK;
325 break;
326
327 case CHUNK_TRAILER_POSTCR:
328 /* We enter this state when a CR should arrive so we expect to
329 have to first pass a CR before we wait for LF */
330 if((*datap != 0x0d) && (*datap != 0x0a)) {
331 /* not a CR then it must be another header in the trailer */
332 ch->state = CHUNK_TRAILER;
333 break;
334 }
335 if(*datap == 0x0d) {
336 /* skip if CR */
337 datap++;
338 length--;
339 }
340 /* now wait for the final LF */
341 ch->state = CHUNK_STOP;
342 break;
343
344 case CHUNK_STOP:
345 if(*datap == 0x0a) {
346 length--;
347
348 /* Record the length of any data left in the end of the buffer
349 even if there's no more chunks to read */
350 ch->dataleft = curlx_sotouz(length);
351
352 return CHUNKE_STOP; /* return stop */
353 }
354 else
355 return CHUNKE_BAD_CHUNK;
356 }
357 }
358 return CHUNKE_OK;
359 }
360
Curl_chunked_strerror(CHUNKcode code)361 const char *Curl_chunked_strerror(CHUNKcode code)
362 {
363 switch (code) {
364 default:
365 return "OK";
366 case CHUNKE_TOO_LONG_HEX:
367 return "Too long hexadecimal number";
368 case CHUNKE_ILLEGAL_HEX:
369 return "Illegal or missing hexadecimal sequence";
370 case CHUNKE_BAD_CHUNK:
371 return "Malformed encoding found";
372 case CHUNKE_WRITE_ERROR:
373 return "Write error";
374 case CHUNKE_BAD_ENCODING:
375 return "Bad content-encoding found";
376 case CHUNKE_OUT_OF_MEMORY:
377 return "Out of memory";
378 }
379 }
380
381 #endif /* CURL_DISABLE_HTTP */
382