[libmicrohttpd] bug in MHD_create_response_from_fd_at

libmicrohttpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] bug in MHD_create_response_from_fd_at_offset()

From:	Eivind Sarto
Subject:	[libmicrohttpd] bug in MHD_create_response_from_fd_at_offset()
Date:	Fri, 11 Mar 2011 15:32:21 -0500

There appears to be a bug in  MHD_create_response_from_fd_at_offset().
Calling this function with anything other than a zero offset will cause wrong 
data
or no data (sendfile fails if length < 0).

If you use this call with any application that uses ranges, this bug will 
trigger.

In src/daemon/daemon.c: send_param_adapter()
      .....
      /* can use sendfile */
      offset = (off_t) connection->response_write_position + 
connection->response->fd_off;
#ifdef BUGFIX
      /* correct */
      left = connection->response->total_size -  
connection->response_write_position;
#else
      left = connection->response->total_size - offset;
#endif
      if (left > SSIZE_MAX)
        left = SSIZE_MAX; /* cap at return value limit */
      ret = sendfile (connection->socket_fd,
                      fd,
                      &offset,
                      left);


-eivind

[Prev in Thread]

Current Thread

[Next in Thread]

[libmicrohttpd] bug in MHD_create_response_from_fd_at_offset(), Eivind Sarto <=
- Re: [libmicrohttpd] bug in MHD_create_response_from_fd_at_offset(), Christian Grothoff, 2011/03/11

Prev by Date: Re: [libmicrohttpd] Help
Next by Date: Re: [libmicrohttpd] bug in MHD_create_response_from_fd_at_offset()
Previous by thread: [libmicrohttpd] Help
Next by thread: Re: [libmicrohttpd] bug in MHD_create_response_from_fd_at_offset()
Index(es):
- Date
- Thread