Re: [Qemu-devel] [PATCH 1/1] io: ignore case in WebSocket HTTP header #P

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 1/1] io: ignore case in WebSocket HTTP header #P

From:	Daniel P. Berrange
Subject:	Re: [Qemu-devel] [PATCH 1/1] io: ignore case in WebSocket HTTP header #PSBM-57554
Date:	Mon, 27 Feb 2017 20:11:19 +0000
User-agent:	Mutt/1.7.1 (2016-10-04)

On Mon, Jan 30, 2017 at 04:19:56PM +0300, Denis V. Lunev wrote:
> From: Anton Nefedov <address@hidden>
> 
> According to RFC7230 Section 3.2, header field name is case-insensitive.
> 
> The haystack string length is limited by 4096 bytes by
> qio_channel_websock_handshake_read().
> 
> Further, handshake_process() dups and NULL-terminates the string
> so it is safe to call non length-limited functions like strcasestr().
> 
> Signed-off-by: Anton Nefedov <address@hidden>
> Signed-off-by: Denis V. Lunev <address@hidden>
> CC: Daniel P. Berrange <address@hidden>
> ---
>  io/channel-websock.c | 25 ++++++++++++++-----------
>  1 file changed, 14 insertions(+), 11 deletions(-)
> 
> diff --git a/io/channel-websock.c b/io/channel-websock.c
> index d5a4ed3..991925a 100644
> --- a/io/channel-websock.c
> +++ b/io/channel-websock.c
> @@ -108,18 +108,16 @@ enum {
>  };
>  
>  static char *qio_channel_websock_handshake_entry(const char *handshake,
> -                                                 size_t handshake_len,
>                                                   const char *name)
>  {
>      char *begin, *end, *ret = NULL;
>      char *line = g_strdup_printf("%s%s: ",
>                                   QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM,
>                                   name);
> -    begin = g_strstr_len(handshake, handshake_len, line);
> +    begin = strcasestr(handshake, line);

So this turns out to break Windows builds since there's no strcasestr
on Mingw. There's no alternative that I know of in glib and I don't
fancy implementing a custom strcasestr() function. So I'm going to
drop this patch entirely, and copy you on an alternative fix that
simply converts the input data to lowercase before comparison. Would
appreciate if you can test my alternate patch with whatever client
you had problems with.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://entangle-photo.org       -o-    http://search.cpan.org/~danberr/ :|

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 1/1] io: ignore case in WebSocket HTTP header #PSBM-57554, Daniel P. Berrange <=
- Re: [Qemu-devel] [PATCH 1/1] io: ignore case in WebSocket HTTP header #PSBM-57554, Denis V. Lunev, 2017/02/27

Prev by Date: [Qemu-devel] [PATCH v2 32/43] stream: Use real permissions in streaming block job
Next by Date: [Qemu-devel] [PATCH v2 33/43] mirror: Add filter-node-name to blockdev-mirror
Previous by thread: [Qemu-devel] [PATCH v2 00/43] New op blocker system, part 1
Next by thread: Re: [Qemu-devel] [PATCH 1/1] io: ignore case in WebSocket HTTP header #PSBM-57554
Index(es):
- Date
- Thread