File: | lib/lwan-request.c |
Warning: | line 1724, column 13 1st function call argument is an uninitialized value |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* | |||
2 | * lwan - web server | |||
3 | * Copyright (c) 2012-2014 L. A. F. Pereira <l@tia.mat.br> | |||
4 | * | |||
5 | * This program is free software; you can redistribute it and/or | |||
6 | * modify it under the terms of the GNU General Public License | |||
7 | * as published by the Free Software Foundation; either version 2 | |||
8 | * of the License, or any later version. | |||
9 | * | |||
10 | * This program is distributed in the hope that it will be useful, | |||
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
13 | * GNU General Public License for more details. | |||
14 | * | |||
15 | * You should have received a copy of the GNU General Public License | |||
16 | * along with this program; if not, write to the Free Software | |||
17 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
18 | */ | |||
19 | ||||
20 | #define _GNU_SOURCE | |||
21 | #include <arpa/inet.h> | |||
22 | #include <assert.h> | |||
23 | #include <ctype.h> | |||
24 | #include <errno(*__errno_location ()).h> | |||
25 | #include <fcntl.h> | |||
26 | #include <inttypes.h> | |||
27 | #include <limits.h> | |||
28 | #include <stddef.h> | |||
29 | #include <stdio.h> | |||
30 | #include <stdlib.h> | |||
31 | #include <string.h> | |||
32 | #include <strings.h> | |||
33 | #include <sys/mman.h> | |||
34 | #include <sys/socket.h> | |||
35 | #include <sys/stat.h> | |||
36 | #include <sys/types.h> | |||
37 | #include <sys/vfs.h> | |||
38 | #include <unistd.h> | |||
39 | ||||
40 | #include "lwan-private.h" | |||
41 | ||||
42 | #include "base64.h" | |||
43 | #include "list.h" | |||
44 | #include "lwan-config.h" | |||
45 | #include "lwan-http-authorize.h" | |||
46 | #include "lwan-io-wrappers.h" | |||
47 | #include "sha1.h" | |||
48 | ||||
49 | #define HEADER_VALUE_SEPARATOR_LEN(sizeof(": ") - 1) (sizeof(": ") - 1) | |||
50 | #define HEADER_TERMINATOR_LEN(sizeof("\r\n") - 1) (sizeof("\r\n") - 1) | |||
51 | #define MIN_REQUEST_SIZE(sizeof("GET / HTTP/1.1\r\n\r\n") - 1) (sizeof("GET / HTTP/1.1\r\n\r\n") - 1) | |||
52 | ||||
53 | enum lwan_read_finalizer { | |||
54 | FINALIZER_DONE, | |||
55 | FINALIZER_TRY_AGAIN, | |||
56 | FINALIZER_TIMEOUT, | |||
57 | }; | |||
58 | ||||
59 | struct proxy_header_v2 { | |||
60 | uint8_t sig[12]; | |||
61 | uint8_t cmd_ver; | |||
62 | uint8_t fam; | |||
63 | uint16_t len; | |||
64 | union { | |||
65 | struct { | |||
66 | in_addr_t src_addr; | |||
67 | in_addr_t dst_addr; | |||
68 | uint16_t src_port; | |||
69 | uint16_t dst_port; | |||
70 | } ip4; | |||
71 | struct { | |||
72 | struct in6_addr src_addr; | |||
73 | struct in6_addr dst_addr; | |||
74 | uint16_t src_port; | |||
75 | uint16_t dst_port; | |||
76 | } ip6; | |||
77 | } addr; | |||
78 | }; | |||
79 | ||||
80 | static char decode_hex_digit(char ch) __attribute__((pure)); | |||
81 | static char *ignore_leading_whitespace(char *buffer) __attribute__((pure)); | |||
82 | ||||
83 | ||||
84 | static bool_Bool | |||
85 | parse_ascii_port(char *port, unsigned short *out) | |||
86 | { | |||
87 | unsigned long parsed; | |||
88 | char *end_ptr; | |||
89 | ||||
90 | errno(*__errno_location ()) = 0; | |||
91 | parsed = strtoul(port, &end_ptr, 10); | |||
92 | ||||
93 | if (UNLIKELY(errno != 0)__builtin_expect((((*__errno_location ()) != 0)), (0))) | |||
94 | return false0; | |||
95 | ||||
96 | if (UNLIKELY(*end_ptr != '\0')__builtin_expect(((*end_ptr != '\0')), (0))) | |||
97 | return false0; | |||
98 | ||||
99 | if (UNLIKELY((unsigned long)(unsigned short)parsed != parsed)__builtin_expect((((unsigned long)(unsigned short)parsed != parsed )), (0))) | |||
100 | return false0; | |||
101 | ||||
102 | *out = htons((unsigned short)parsed); | |||
103 | return true1; | |||
104 | } | |||
105 | ||||
106 | static char * | |||
107 | strsep_char(char *strp, const char *end, char delim) | |||
108 | { | |||
109 | char *ptr; | |||
110 | ||||
111 | if (UNLIKELY(!strp)__builtin_expect(((!strp)), (0))) | |||
112 | return NULL((void*)0); | |||
113 | ||||
114 | if (UNLIKELY(strp > end)__builtin_expect(((strp > end)), (0))) | |||
115 | return NULL((void*)0); | |||
116 | ||||
117 | ptr = strchr(strp, delim); | |||
118 | if (UNLIKELY(!ptr)__builtin_expect(((!ptr)), (0))) | |||
119 | return NULL((void*)0); | |||
120 | ||||
121 | *ptr = '\0'; | |||
122 | return ptr + 1; | |||
123 | } | |||
124 | ||||
125 | static char * | |||
126 | parse_proxy_protocol_v1(struct lwan_request *request, char *buffer) | |||
127 | { | |||
128 | static const size_t line_size = 108; | |||
129 | char *end, *protocol, *src_addr, *dst_addr, *src_port, *dst_port; | |||
130 | unsigned int size; | |||
131 | struct lwan_proxy *const proxy = request->proxy; | |||
132 | ||||
133 | end = memchr(buffer, '\r', line_size); | |||
134 | if (UNLIKELY(!end || end[1] != '\n')__builtin_expect(((!end || end[1] != '\n')), (0))) | |||
135 | return NULL((void*)0); | |||
136 | *end = '\0'; | |||
137 | size = (unsigned int) (end + 2 - buffer); | |||
138 | ||||
139 | protocol = buffer + sizeof("PROXY ") - 1; | |||
140 | src_addr = strsep_char(protocol, end, ' '); | |||
141 | dst_addr = strsep_char(src_addr, end, ' '); | |||
142 | src_port = strsep_char(dst_addr, end, ' '); | |||
143 | dst_port = strsep_char(src_port, end, ' '); | |||
144 | ||||
145 | if (UNLIKELY(!dst_port)__builtin_expect(((!dst_port)), (0))) | |||
146 | return NULL((void*)0); | |||
147 | ||||
148 | STRING_SWITCH(protocol)switch (string_as_uint32(protocol)) { | |||
149 | case STR4_INT('T', 'C', 'P', '4')((uint32_t)(('T') | ('C') << 8 | ('P') << 16 | ('4' ) << 24)): { | |||
150 | struct sockaddr_in *from = &proxy->from.ipv4; | |||
151 | struct sockaddr_in *to = &proxy->to.ipv4; | |||
152 | ||||
153 | from->sin_family = to->sin_family = AF_INET2; | |||
154 | ||||
155 | if (UNLIKELY(inet_pton(AF_INET, src_addr, &from->sin_addr) <= 0)__builtin_expect(((inet_pton(2, src_addr, &from->sin_addr ) <= 0)), (0))) | |||
156 | return NULL((void*)0); | |||
157 | if (UNLIKELY(inet_pton(AF_INET, dst_addr, &to->sin_addr) <= 0)__builtin_expect(((inet_pton(2, dst_addr, &to->sin_addr ) <= 0)), (0))) | |||
158 | return NULL((void*)0); | |||
159 | if (UNLIKELY(!parse_ascii_port(src_port, &from->sin_port))__builtin_expect(((!parse_ascii_port(src_port, &from-> sin_port))), (0))) | |||
160 | return NULL((void*)0); | |||
161 | if (UNLIKELY(!parse_ascii_port(dst_port, &to->sin_port))__builtin_expect(((!parse_ascii_port(dst_port, &to->sin_port ))), (0))) | |||
162 | return NULL((void*)0); | |||
163 | ||||
164 | break; | |||
165 | } | |||
166 | case STR4_INT('T', 'C', 'P', '6')((uint32_t)(('T') | ('C') << 8 | ('P') << 16 | ('6' ) << 24)): { | |||
167 | struct sockaddr_in6 *from = &proxy->from.ipv6; | |||
168 | struct sockaddr_in6 *to = &proxy->to.ipv6; | |||
169 | ||||
170 | from->sin6_family = to->sin6_family = AF_INET610; | |||
171 | ||||
172 | if (UNLIKELY(inet_pton(AF_INET6, src_addr, &from->sin6_addr) <= 0)__builtin_expect(((inet_pton(10, src_addr, &from->sin6_addr ) <= 0)), (0))) | |||
173 | return NULL((void*)0); | |||
174 | if (UNLIKELY(inet_pton(AF_INET6, dst_addr, &to->sin6_addr) <= 0)__builtin_expect(((inet_pton(10, dst_addr, &to->sin6_addr ) <= 0)), (0))) | |||
175 | return NULL((void*)0); | |||
176 | if (UNLIKELY(!parse_ascii_port(src_port, &from->sin6_port))__builtin_expect(((!parse_ascii_port(src_port, &from-> sin6_port))), (0))) | |||
177 | return NULL((void*)0); | |||
178 | if (UNLIKELY(!parse_ascii_port(dst_port, &to->sin6_port))__builtin_expect(((!parse_ascii_port(dst_port, &to->sin6_port ))), (0))) | |||
179 | return NULL((void*)0); | |||
180 | ||||
181 | break; | |||
182 | } | |||
183 | default: | |||
184 | return NULL((void*)0); | |||
185 | } | |||
186 | ||||
187 | request->flags |= REQUEST_PROXIED; | |||
188 | return buffer + size; | |||
189 | } | |||
190 | ||||
191 | static char *parse_proxy_protocol_v2(struct lwan_request *request, char *buffer) | |||
192 | { | |||
193 | struct proxy_header_v2 *hdr = (struct proxy_header_v2 *)buffer; | |||
194 | struct lwan_request_parser_helper *helper = request->helper; | |||
195 | const unsigned int proto_signature_length = 16; | |||
196 | unsigned int size; | |||
197 | struct lwan_proxy *const proxy = request->proxy; | |||
198 | ||||
199 | enum { LOCAL = 0x20, PROXY = 0x21, TCP4 = 0x11, TCP6 = 0x21 }; | |||
200 | ||||
201 | size = proto_signature_length + (unsigned int)ntohs(hdr->len); | |||
202 | if (UNLIKELY(size > (unsigned int)sizeof(*hdr))__builtin_expect(((size > (unsigned int)sizeof(*hdr))), (0 ))) | |||
203 | return NULL((void*)0); | |||
204 | if (UNLIKELY(size >= helper->buffer->len)__builtin_expect(((size >= helper->buffer->len)), (0 ))) | |||
205 | return NULL((void*)0); | |||
206 | ||||
207 | if (LIKELY(hdr->cmd_ver == PROXY)__builtin_expect((!!(hdr->cmd_ver == PROXY)), (1))) { | |||
208 | if (hdr->fam == TCP4) { | |||
209 | struct sockaddr_in *from = &proxy->from.ipv4; | |||
210 | struct sockaddr_in *to = &proxy->to.ipv4; | |||
211 | ||||
212 | to->sin_family = from->sin_family = AF_INET2; | |||
213 | ||||
214 | from->sin_addr.s_addr = hdr->addr.ip4.src_addr; | |||
215 | from->sin_port = hdr->addr.ip4.src_port; | |||
216 | ||||
217 | to->sin_addr.s_addr = hdr->addr.ip4.dst_addr; | |||
218 | to->sin_port = hdr->addr.ip4.dst_port; | |||
219 | } else if (hdr->fam == TCP6) { | |||
220 | struct sockaddr_in6 *from = &proxy->from.ipv6; | |||
221 | struct sockaddr_in6 *to = &proxy->to.ipv6; | |||
222 | ||||
223 | from->sin6_family = to->sin6_family = AF_INET610; | |||
224 | ||||
225 | from->sin6_addr = hdr->addr.ip6.src_addr; | |||
226 | from->sin6_port = hdr->addr.ip6.src_port; | |||
227 | ||||
228 | to->sin6_addr = hdr->addr.ip6.dst_addr; | |||
229 | to->sin6_port = hdr->addr.ip6.dst_port; | |||
230 | } else { | |||
231 | return NULL((void*)0); | |||
232 | } | |||
233 | } else if (hdr->cmd_ver == LOCAL) { | |||
234 | struct sockaddr_in *from = &proxy->from.ipv4; | |||
235 | struct sockaddr_in *to = &proxy->to.ipv4; | |||
236 | ||||
237 | from->sin_family = to->sin_family = AF_UNSPEC0; | |||
238 | } else { | |||
239 | return NULL((void*)0); | |||
240 | } | |||
241 | ||||
242 | request->flags |= REQUEST_PROXIED; | |||
243 | return buffer + size; | |||
244 | } | |||
245 | ||||
246 | #if !defined(LWAN_HAVE_BUILTIN_EXPECT_PROBABILITY) | |||
247 | #define __builtin_expect_with_probability(value1, value2, probability) \ | |||
248 | __builtin_expect(value1, value2) | |||
249 | #endif | |||
250 | ||||
251 | static ALWAYS_INLINEinline __attribute__((always_inline)) char *identify_http_method(struct lwan_request *request, | |||
252 | char *buffer) | |||
253 | { | |||
254 | const uint32_t first_four = string_as_uint32(buffer); | |||
255 | ||||
256 | #define GENERATE_IF(upper, lower, mask, constant, probability) \ | |||
257 | if (__builtin_expect_with_probability(first_four == (constant), 1, \ | |||
258 | probability)) { \ | |||
259 | request->flags |= (mask); \ | |||
260 | return buffer + sizeof(#upper); \ | |||
261 | } | |||
262 | ||||
263 | FOR_EACH_REQUEST_METHOD(GENERATE_IF)GENERATE_IF(GET, get, (1 << 0), (((uint32_t)(('G') | ('E' ) << 8 | ('T') << 16 | (' ') << 24))), 0.6) GENERATE_IF(POST, post, (1 << 3 | 1 << 1 | 1 << 0), (((uint32_t)(('P') | ('O') << 8 | ('S') << 16 | ('T') << 24))), 0.2) GENERATE_IF(HEAD, head, (1 << 1), (((uint32_t)(('H') | ('E') << 8 | ('A') << 16 | ('D') << 24))), 0.2) GENERATE_IF(OPTIONS, options, ( 1 << 2), (((uint32_t)(('O') | ('P') << 8 | ('T') << 16 | ('I') << 24))), 0.1) GENERATE_IF(DELETE, delete, ( 1 << 1 | 1 << 2), (((uint32_t)(('D') | ('E') << 8 | ('L') << 16 | ('E') << 24))), 0.1) GENERATE_IF (PUT, put, (1 << 3 | 1 << 2 | 1 << 0), (((uint32_t )(('P') | ('U') << 8 | ('T') << 16 | (' ') << 24))), 0.1) | |||
264 | ||||
265 | #undef GENERATE_IF | |||
266 | ||||
267 | return NULL((void*)0); | |||
268 | } | |||
269 | ||||
270 | static ALWAYS_INLINEinline __attribute__((always_inline)) char decode_hex_digit(char ch) | |||
271 | { | |||
272 | static const char hex_digit_tbl[256] = { | |||
273 | ['0'] = 0, ['1'] = 1, ['2'] = 2, ['3'] = 3, ['4'] = 4, ['5'] = 5, | |||
274 | ['6'] = 6, ['7'] = 7, ['8'] = 8, ['9'] = 9, ['a'] = 10, ['b'] = 11, | |||
275 | ['c'] = 12, ['d'] = 13, ['e'] = 14, ['f'] = 15, ['A'] = 10, ['B'] = 11, | |||
276 | ['C'] = 12, ['D'] = 13, ['E'] = 14, ['F'] = 15, | |||
277 | }; | |||
278 | return hex_digit_tbl[(unsigned char)ch]; | |||
279 | } | |||
280 | ||||
281 | __attribute__((nonnull(1))) static ssize_t url_decode(char *str) | |||
282 | { | |||
283 | const char *inptr = str; | |||
284 | char *outptr = str; | |||
285 | ||||
286 | for (char *ch = strchr(str, '+'); ch; ch = strchr(ch + 1, '+')) | |||
287 | *ch = ' '; | |||
288 | ||||
289 | for (const char *pct = strchr(inptr, '%'); pct; pct = strchr(inptr, '%')) { | |||
290 | ptrdiff_t diff = pct - inptr; | |||
291 | if (diff) | |||
292 | outptr = stpncpy(outptr, inptr, (size_t)diff); | |||
293 | ||||
294 | char decoded = (char)(decode_hex_digit(pct[1]) << 4); | |||
295 | decoded |= (char)decode_hex_digit(pct[2]); | |||
296 | if (UNLIKELY(!decoded)__builtin_expect(((!decoded)), (0))) | |||
297 | return -1; | |||
298 | ||||
299 | *outptr = decoded; | |||
300 | outptr++; | |||
301 | ||||
302 | inptr = pct + 3; | |||
303 | } | |||
304 | ||||
305 | if (inptr > outptr) | |||
306 | outptr = stpcpy(outptr, inptr); | |||
307 | ||||
308 | return (ssize_t)(outptr - str); | |||
309 | } | |||
310 | ||||
311 | static int key_value_compare(const void *a, const void *b) | |||
312 | { | |||
313 | return strcmp(((const struct lwan_key_value *)a)->key, | |||
314 | ((const struct lwan_key_value *)b)->key); | |||
315 | } | |||
316 | ||||
317 | static void | |||
318 | reset_key_value_array(void *data) | |||
319 | { | |||
320 | struct lwan_key_value_array *array = data; | |||
321 | ||||
322 | lwan_key_value_array_reset(array); | |||
323 | } | |||
324 | ||||
325 | static void parse_key_values(struct lwan_request *request, | |||
326 | struct lwan_value *helper_value, | |||
327 | struct lwan_key_value_array *array, | |||
328 | ssize_t (*decode_value)(char *value), | |||
329 | const char separator) | |||
330 | { | |||
331 | struct lwan_key_value *kv; | |||
332 | char *ptr = helper_value->value; | |||
333 | const char *end = helper_value->value + helper_value->len; | |||
334 | coro_deferred reset_defer; | |||
335 | ||||
336 | if (!helper_value->len) | |||
337 | return; | |||
338 | ||||
339 | lwan_key_value_array_init(array); | |||
340 | reset_defer = coro_defer(request->conn->coro, reset_key_value_array, array); | |||
341 | ||||
342 | do { | |||
343 | char *key, *value; | |||
344 | ||||
345 | while (*ptr == ' ' || *ptr == separator) | |||
346 | ptr++; | |||
347 | if (UNLIKELY(*ptr == '\0')__builtin_expect(((*ptr == '\0')), (0))) | |||
348 | break; | |||
349 | ||||
350 | key = ptr; | |||
351 | ptr = strsep_char(key, end, separator); | |||
352 | ||||
353 | value = strsep_char(key, end, '='); | |||
354 | if (UNLIKELY(!value)__builtin_expect(((!value)), (0))) { | |||
355 | value = ""; | |||
356 | } else if (UNLIKELY(decode_value(value) < 0)__builtin_expect(((decode_value(value) < 0)), (0))) { | |||
357 | /* Disallow values that failed decoding, but allow empty values */ | |||
358 | goto error; | |||
359 | } | |||
360 | ||||
361 | if (UNLIKELY(decode_value(key) <= 0)__builtin_expect(((decode_value(key) <= 0)), (0))) { | |||
362 | /* Disallow keys that failed decoding, or empty keys */ | |||
363 | goto error; | |||
364 | } | |||
365 | ||||
366 | kv = lwan_key_value_array_append(array); | |||
367 | if (UNLIKELY(!kv)__builtin_expect(((!kv)), (0))) | |||
368 | goto error; | |||
369 | ||||
370 | kv->key = key; | |||
371 | kv->value = value; | |||
372 | } while (ptr); | |||
373 | ||||
374 | lwan_key_value_array_sort(array, key_value_compare); | |||
375 | ||||
376 | return; | |||
377 | ||||
378 | error: | |||
379 | coro_defer_fire_and_disarm(request->conn->coro, reset_defer); | |||
380 | } | |||
381 | ||||
382 | static ssize_t | |||
383 | identity_decode(char *input __attribute__((unused))) | |||
384 | { | |||
385 | return 1; | |||
386 | } | |||
387 | ||||
388 | static void parse_cookies(struct lwan_request *request) | |||
389 | { | |||
390 | const char *cookies = lwan_request_get_header(request, "Cookie"); | |||
391 | ||||
392 | if (!cookies) | |||
393 | return; | |||
394 | ||||
395 | struct lwan_value header = {.value = (char *)cookies, | |||
396 | .len = strlen(cookies)}; | |||
397 | parse_key_values(request, &header, &request->helper->cookies, | |||
398 | identity_decode, ';'); | |||
399 | } | |||
400 | ||||
401 | static void parse_query_string(struct lwan_request *request) | |||
402 | { | |||
403 | struct lwan_request_parser_helper *helper = request->helper; | |||
404 | ||||
405 | parse_key_values(request, &helper->query_string, &helper->query_params, | |||
406 | url_decode, '&'); | |||
407 | } | |||
408 | ||||
409 | static void parse_form_data(struct lwan_request *request) | |||
410 | { | |||
411 | struct lwan_request_parser_helper *helper = request->helper; | |||
412 | static const char content_type[] = "application/x-www-form-urlencoded"; | |||
413 | ||||
414 | if (helper->content_type.len < sizeof(content_type) - 1) | |||
415 | return; | |||
416 | if (UNLIKELY(strncmp(helper->content_type.value, content_type,__builtin_expect(((strncmp(helper->content_type.value, content_type , sizeof(content_type) - 1))), (0)) | |||
417 | sizeof(content_type) - 1))__builtin_expect(((strncmp(helper->content_type.value, content_type , sizeof(content_type) - 1))), (0))) | |||
418 | return; | |||
419 | ||||
420 | parse_key_values(request, &helper->body_data, &helper->post_params, | |||
421 | url_decode, '&'); | |||
422 | } | |||
423 | ||||
424 | static void find_query_string(struct lwan_request *request, const char *space) | |||
425 | { | |||
426 | struct lwan_request_parser_helper *helper = request->helper; | |||
427 | ||||
428 | char *query_string = memchr(request->url.value, '?', request->url.len); | |||
429 | if (query_string) { | |||
430 | *query_string = '\0'; | |||
431 | helper->query_string.value = query_string + 1; | |||
432 | helper->query_string.len = (size_t)(space - query_string - 1); | |||
433 | request->url.len -= helper->query_string.len + 1; | |||
434 | request->flags |= REQUEST_HAS_QUERY_STRING; | |||
435 | } | |||
436 | } | |||
437 | ||||
438 | static char * | |||
439 | identify_http_path(struct lwan_request *request, char *buffer) | |||
440 | { | |||
441 | struct lwan_request_parser_helper *helper = request->helper; | |||
442 | static const size_t minimal_request_line_len = sizeof("/ HTTP/1.0") - 1; | |||
443 | char *space, *end_of_line; | |||
444 | ptrdiff_t end_len; | |||
445 | ||||
446 | if (UNLIKELY(*buffer != '/')__builtin_expect(((*buffer != '/')), (0))) | |||
447 | return NULL((void*)0); | |||
448 | ||||
449 | end_len = buffer - helper->buffer->value; | |||
450 | if (UNLIKELY((size_t)end_len >= helper->buffer->len)__builtin_expect((((size_t)end_len >= helper->buffer-> len)), (0))) | |||
451 | return NULL((void*)0); | |||
452 | ||||
453 | end_of_line = memchr(buffer, '\r', helper->buffer->len - (size_t)end_len); | |||
454 | if (UNLIKELY(!end_of_line)__builtin_expect(((!end_of_line)), (0))) | |||
455 | return NULL((void*)0); | |||
456 | if (UNLIKELY((size_t)(end_of_line - buffer) < minimal_request_line_len)__builtin_expect((((size_t)(end_of_line - buffer) < minimal_request_line_len )), (0))) | |||
457 | return NULL((void*)0); | |||
458 | *end_of_line = '\0'; | |||
459 | ||||
460 | space = end_of_line - sizeof("HTTP/X.X"); | |||
461 | ||||
462 | request->url.value = buffer; | |||
463 | request->url.len = (size_t)(space - buffer); | |||
464 | find_query_string(request, space); | |||
465 | request->original_url = request->url; | |||
466 | ||||
467 | *space++ = '\0'; | |||
468 | ||||
469 | STRING_SWITCH_LARGE(space)switch (string_as_uint64(space)) { | |||
470 | case STR8_INT('H','T','T','P','/','1','.','0')((uint64_t)((uint32_t)(('H') | ('T') << 8 | ('T') << 16 | ('P') << 24)) | (uint64_t)((uint32_t)(('/') | ('1' ) << 8 | ('.') << 16 | ('0') << 24)) << 32): | |||
471 | request->flags |= REQUEST_IS_HTTP_1_0; | |||
472 | break; | |||
473 | case STR8_INT('H','T','T','P','/','1','.','1')((uint64_t)((uint32_t)(('H') | ('T') << 8 | ('T') << 16 | ('P') << 24)) | (uint64_t)((uint32_t)(('/') | ('1' ) << 8 | ('.') << 16 | ('1') << 24)) << 32): | |||
474 | break; | |||
475 | default: | |||
476 | return NULL((void*)0); | |||
477 | } | |||
478 | ||||
479 | return end_of_line + 1; | |||
480 | } | |||
481 | ||||
482 | __attribute__((noinline)) static void set_header_value( | |||
483 | struct lwan_value *header, char *end, char *p, size_t header_len) | |||
484 | { | |||
485 | p += header_len; | |||
486 | ||||
487 | if (LIKELY(string_as_uint16(p) == STR2_INT(':', ' '))__builtin_expect((!!(string_as_uint16(p) == ((uint16_t)((':') | (' ') << 8)))), (1))) { | |||
488 | *end = '\0'; | |||
489 | char *value = p + sizeof(": ") - 1; | |||
490 | ||||
491 | header->value = value; | |||
492 | header->len = (size_t)(end - value); | |||
493 | } | |||
494 | } | |||
495 | ||||
496 | #define HEADER_LENGTH(hdr) \ | |||
497 | ({ \ | |||
498 | if (UNLIKELY(end - sizeof(hdr) + 1 < p)__builtin_expect(((end - sizeof(hdr) + 1 < p)), (0))) \ | |||
499 | continue; \ | |||
500 | sizeof(hdr) - 1; \ | |||
501 | }) | |||
502 | ||||
503 | #define SET_HEADER_VALUE(dest, hdr) \ | |||
504 | do { \ | |||
505 | const size_t header_len = HEADER_LENGTH(hdr); \ | |||
506 | set_header_value(&(helper->dest), end, p, header_len); \ | |||
507 | } while (0) | |||
508 | ||||
509 | static ALWAYS_INLINEinline __attribute__((always_inline)) ssize_t find_headers(char **header_start, | |||
510 | struct lwan_value *request_buffer, | |||
511 | char **next_request) | |||
512 | { | |||
513 | char *buffer = request_buffer->value; | |||
514 | char *buffer_end = buffer + request_buffer->len; | |||
515 | ssize_t n_headers = 0; | |||
516 | char *next_header; | |||
517 | ||||
518 | for (char *next_chr = buffer + 1;;) { | |||
519 | next_header = memchr(next_chr, '\r', (size_t)(buffer_end - next_chr)); | |||
520 | ||||
521 | if (UNLIKELY(!next_header)__builtin_expect(((!next_header)), (0))) | |||
522 | return -1; | |||
523 | ||||
524 | if (next_chr == next_header) { | |||
525 | if (buffer_end - next_chr >= (ptrdiff_t)HEADER_TERMINATOR_LEN(sizeof("\r\n") - 1)) { | |||
526 | STRING_SWITCH_SMALL (next_header)switch (string_as_uint16(next_header)) { | |||
527 | case STR2_INT('\r', '\n')((uint16_t)(('\r') | ('\n') << 8)): | |||
528 | *next_request = next_header + HEADER_TERMINATOR_LEN(sizeof("\r\n") - 1); | |||
529 | } | |||
530 | } | |||
531 | goto out; | |||
532 | } | |||
533 | ||||
534 | /* Is there at least a space for a minimal (H)eader and a (V)alue? */ | |||
535 | if (LIKELY(next_header - next_chr >= (ptrdiff_t)(sizeof("H: V") - 1))__builtin_expect((!!(next_header - next_chr >= (ptrdiff_t) (sizeof("H: V") - 1))), (1))) { | |||
536 | header_start[n_headers++] = next_chr; | |||
537 | ||||
538 | if (UNLIKELY(n_headers >= N_HEADER_START - 1)__builtin_expect(((n_headers >= 64 - 1)), (0))) | |||
539 | return -1; | |||
540 | } else { | |||
541 | /* Better to abort early if there's no space. */ | |||
542 | return -1; | |||
543 | } | |||
544 | ||||
545 | next_chr = next_header + HEADER_TERMINATOR_LEN(sizeof("\r\n") - 1); | |||
546 | if (UNLIKELY(next_chr >= buffer_end)__builtin_expect(((next_chr >= buffer_end)), (0))) | |||
547 | return -1; | |||
548 | } | |||
549 | ||||
550 | out: | |||
551 | header_start[n_headers] = next_header; | |||
552 | return n_headers; | |||
553 | } | |||
554 | ||||
555 | static bool_Bool parse_headers(struct lwan_request_parser_helper *helper, | |||
556 | char *buffer) | |||
557 | { | |||
558 | char **header_start = helper->header_start; | |||
559 | ssize_t n_headers = 0; | |||
560 | ||||
561 | /* FIXME: is there a better way to do this? */ | |||
562 | struct lwan_value header_start_buffer = { | |||
563 | .value = buffer, | |||
564 | .len = helper->buffer->len - (size_t)(buffer - helper->buffer->value) | |||
565 | }; | |||
566 | n_headers = find_headers(header_start, &header_start_buffer, | |||
567 | &helper->next_request); | |||
568 | if (UNLIKELY(n_headers < 0)__builtin_expect(((n_headers < 0)), (0))) | |||
569 | return false0; | |||
570 | ||||
571 | for (ssize_t i = 0; i < n_headers; i++) { | |||
572 | char *p = header_start[i]; | |||
573 | char *end = header_start[i + 1] - HEADER_TERMINATOR_LEN(sizeof("\r\n") - 1); | |||
574 | ||||
575 | STRING_SWITCH_L (p)switch (((string_as_uint32(p)) | (uint32_t)0x20202020)) { | |||
576 | case STR4_INT_L('A', 'c', 'c', 'e')((((uint32_t)(('A') | ('c') << 8 | ('c') << 16 | ( 'e') << 24))) | (uint32_t)0x20202020): | |||
577 | p += HEADER_LENGTH("Accept"); | |||
578 | ||||
579 | STRING_SWITCH_L (p)switch (((string_as_uint32(p)) | (uint32_t)0x20202020)) { | |||
580 | case STR4_INT_L('-', 'E', 'n', 'c')((((uint32_t)(('-') | ('E') << 8 | ('n') << 16 | ( 'c') << 24))) | (uint32_t)0x20202020): | |||
581 | SET_HEADER_VALUE(accept_encoding, "-Encoding"); | |||
582 | break; | |||
583 | } | |||
584 | break; | |||
585 | case STR4_INT_L('C', 'o', 'n', 'n')((((uint32_t)(('C') | ('o') << 8 | ('n') << 16 | ( 'n') << 24))) | (uint32_t)0x20202020): | |||
586 | SET_HEADER_VALUE(connection, "Connection"); | |||
587 | break; | |||
588 | case STR4_INT_L('C', 'o', 'n', 't')((((uint32_t)(('C') | ('o') << 8 | ('n') << 16 | ( 't') << 24))) | (uint32_t)0x20202020): | |||
589 | p += HEADER_LENGTH("Content"); | |||
590 | ||||
591 | STRING_SWITCH_L (p)switch (((string_as_uint32(p)) | (uint32_t)0x20202020)) { | |||
592 | case STR4_INT_L('-', 'T', 'y', 'p')((((uint32_t)(('-') | ('T') << 8 | ('y') << 16 | ( 'p') << 24))) | (uint32_t)0x20202020): | |||
593 | SET_HEADER_VALUE(content_type, "-Type"); | |||
594 | break; | |||
595 | case STR4_INT_L('-', 'L', 'e', 'n')((((uint32_t)(('-') | ('L') << 8 | ('e') << 16 | ( 'n') << 24))) | (uint32_t)0x20202020): | |||
596 | SET_HEADER_VALUE(content_length, "-Length"); | |||
597 | break; | |||
598 | } | |||
599 | break; | |||
600 | case STR4_INT_L('I', 'f', '-', 'M')((((uint32_t)(('I') | ('f') << 8 | ('-') << 16 | ( 'M') << 24))) | (uint32_t)0x20202020): | |||
601 | SET_HEADER_VALUE(if_modified_since.raw, "If-Modified-Since"); | |||
602 | break; | |||
603 | case STR4_INT_L('H', 'o', 's', 't')((((uint32_t)(('H') | ('o') << 8 | ('s') << 16 | ( 't') << 24))) | (uint32_t)0x20202020): | |||
604 | SET_HEADER_VALUE(host, "Host"); | |||
605 | break; | |||
606 | case STR4_INT_L('R', 'a', 'n', 'g')((((uint32_t)(('R') | ('a') << 8 | ('n') << 16 | ( 'g') << 24))) | (uint32_t)0x20202020): | |||
607 | SET_HEADER_VALUE(range.raw, "Range"); | |||
608 | break; | |||
609 | } | |||
610 | } | |||
611 | ||||
612 | helper->n_header_start = (size_t)n_headers; | |||
613 | return true1; | |||
614 | } | |||
615 | #undef HEADER_LENGTH | |||
616 | #undef SET_HEADER_VALUE | |||
617 | ||||
618 | ssize_t lwan_find_headers(char **header_start, struct lwan_value *buffer, | |||
619 | char **next_request) | |||
620 | { | |||
621 | return find_headers(header_start, buffer, next_request); | |||
622 | } | |||
623 | ||||
624 | static void parse_if_modified_since(struct lwan_request_parser_helper *helper) | |||
625 | { | |||
626 | static const size_t header_len = | |||
627 | sizeof("Wed, 17 Apr 2019 13:59:27 GMT") - 1; | |||
628 | time_t parsed; | |||
629 | ||||
630 | if (UNLIKELY(helper->if_modified_since.raw.len != header_len)__builtin_expect(((helper->if_modified_since.raw.len != header_len )), (0))) | |||
631 | return; | |||
632 | ||||
633 | if (UNLIKELY(lwan_parse_rfc_time(helper->if_modified_since.raw.value,__builtin_expect(((lwan_parse_rfc_time(helper->if_modified_since .raw.value, &parsed) < 0)), (0)) | |||
634 | &parsed) < 0)__builtin_expect(((lwan_parse_rfc_time(helper->if_modified_since .raw.value, &parsed) < 0)), (0))) | |||
635 | return; | |||
636 | ||||
637 | helper->if_modified_since.parsed = parsed; | |||
638 | } | |||
639 | ||||
640 | static bool_Bool | |||
641 | parse_off_without_sign(const char *ptr, char **end, off_t *off) | |||
642 | { | |||
643 | unsigned long long val; | |||
644 | ||||
645 | static_assert_Static_assert(sizeof(val) >= sizeof(off_t), | |||
646 | "off_t fits in a long long"); | |||
647 | ||||
648 | errno(*__errno_location ()) = 0; | |||
649 | ||||
650 | val = strtoull(ptr, end, 10); | |||
651 | if (UNLIKELY(val == 0 && *end == ptr)__builtin_expect(((val == 0 && *end == ptr)), (0))) | |||
652 | return false0; | |||
653 | if (UNLIKELY(errno != 0)__builtin_expect((((*__errno_location ()) != 0)), (0))) | |||
654 | return false0; | |||
655 | if (UNLIKELY(val > OFF_MAX)__builtin_expect(((val > 9223372036854775807LL)), (0))) | |||
656 | return false0; | |||
657 | ||||
658 | *off = (off_t)val; | |||
659 | return true1; | |||
660 | } | |||
661 | ||||
662 | static void | |||
663 | parse_range(struct lwan_request_parser_helper *helper) | |||
664 | { | |||
665 | if (UNLIKELY(helper->range.raw.len <= (sizeof("bytes=") - 1))__builtin_expect(((helper->range.raw.len <= (sizeof("bytes=" ) - 1))), (0))) | |||
666 | return; | |||
667 | ||||
668 | char *range = helper->range.raw.value; | |||
669 | if (UNLIKELY(strncmp(range, "bytes=", sizeof("bytes=") - 1))__builtin_expect(((strncmp(range, "bytes=", sizeof("bytes=") - 1))), (0))) | |||
670 | return; | |||
671 | ||||
672 | range += sizeof("bytes=") - 1; | |||
673 | ||||
674 | off_t from, to; | |||
675 | char *end; | |||
676 | ||||
677 | if (*range == '-') { | |||
678 | from = 0; | |||
679 | ||||
680 | if (!parse_off_without_sign(range + 1, &end, &to)) | |||
681 | goto invalid_range; | |||
682 | if (*end != '\0') | |||
683 | goto invalid_range; | |||
684 | } else if (lwan_char_isdigit(*range)) { | |||
685 | if (!parse_off_without_sign(range, &end, &from)) | |||
686 | goto invalid_range; | |||
687 | if (*end != '-') | |||
688 | goto invalid_range; | |||
689 | ||||
690 | range = end + 1; | |||
691 | if (*range == '\0') { | |||
692 | to = -1; | |||
693 | } else { | |||
694 | if (!parse_off_without_sign(range, &end, &to)) | |||
695 | goto invalid_range; | |||
696 | if (*end != '\0') | |||
697 | goto invalid_range; | |||
698 | } | |||
699 | } else { | |||
700 | invalid_range: | |||
701 | to = from = -1; | |||
702 | } | |||
703 | ||||
704 | helper->range.from = from; | |||
705 | helper->range.to = to; | |||
706 | } | |||
707 | ||||
708 | static void | |||
709 | parse_accept_encoding(struct lwan_request *request) | |||
710 | { | |||
711 | struct lwan_request_parser_helper *helper = request->helper; | |||
712 | ||||
713 | if (!helper->accept_encoding.len) | |||
714 | return; | |||
715 | ||||
716 | for (const char *p = helper->accept_encoding.value; *p; p++) { | |||
717 | STRING_SWITCH(p)switch (string_as_uint32(p)) { | |||
718 | case STR4_INT('d','e','f','l')((uint32_t)(('d') | ('e') << 8 | ('f') << 16 | ('l' ) << 24)): | |||
719 | case STR4_INT(' ','d','e','f')((uint32_t)((' ') | ('d') << 8 | ('e') << 16 | ('f' ) << 24)): | |||
720 | request->flags |= REQUEST_ACCEPT_DEFLATE; | |||
721 | break; | |||
722 | case STR4_INT('g','z','i','p')((uint32_t)(('g') | ('z') << 8 | ('i') << 16 | ('p' ) << 24)): | |||
723 | case STR4_INT(' ','g','z','i')((uint32_t)((' ') | ('g') << 8 | ('z') << 16 | ('i' ) << 24)): | |||
724 | request->flags |= REQUEST_ACCEPT_GZIP; | |||
725 | break; | |||
726 | #if defined(LWAN_HAVE_ZSTD) | |||
727 | case STR4_INT('z','s','t','d')((uint32_t)(('z') | ('s') << 8 | ('t') << 16 | ('d' ) << 24)): | |||
728 | case STR4_INT(' ','z','s','t')((uint32_t)((' ') | ('z') << 8 | ('s') << 16 | ('t' ) << 24)): | |||
729 | request->flags |= REQUEST_ACCEPT_ZSTD; | |||
730 | break; | |||
731 | #endif | |||
732 | #if defined(LWAN_HAVE_BROTLI) | |||
733 | default: | |||
734 | while (lwan_char_isspace(*p)) | |||
735 | p++; | |||
736 | ||||
737 | STRING_SWITCH_SMALL(p)switch (string_as_uint16(p)) { | |||
738 | case STR2_INT('b', 'r')((uint16_t)(('b') | ('r') << 8)): | |||
739 | request->flags |= REQUEST_ACCEPT_BROTLI; | |||
740 | break; | |||
741 | } | |||
742 | #endif | |||
743 | } | |||
744 | ||||
745 | if (!(p = strchr(p, ','))) | |||
746 | break; | |||
747 | } | |||
748 | } | |||
749 | ||||
750 | static ALWAYS_INLINEinline __attribute__((always_inline)) char * | |||
751 | ignore_leading_whitespace(char *buffer) | |||
752 | { | |||
753 | while (lwan_char_isspace(*buffer)) | |||
754 | buffer++; | |||
755 | return buffer; | |||
756 | } | |||
757 | ||||
758 | static ALWAYS_INLINEinline __attribute__((always_inline)) void parse_connection_header(struct lwan_request *request) | |||
759 | { | |||
760 | struct lwan_request_parser_helper *helper = request->helper; | |||
761 | bool_Bool has_keep_alive = false0; | |||
762 | bool_Bool has_close = false0; | |||
763 | ||||
764 | if (!helper->connection.len) | |||
765 | goto out; | |||
766 | ||||
767 | for (const char *p = helper->connection.value; *p; p++) { | |||
768 | STRING_SWITCH_L(p)switch (((string_as_uint32(p)) | (uint32_t)0x20202020)) { | |||
769 | case STR4_INT_L('k','e','e','p')((((uint32_t)(('k') | ('e') << 8 | ('e') << 16 | ( 'p') << 24))) | (uint32_t)0x20202020): | |||
770 | case STR4_INT_L(' ', 'k','e','e')((((uint32_t)((' ') | ('k') << 8 | ('e') << 16 | ( 'e') << 24))) | (uint32_t)0x20202020): | |||
771 | has_keep_alive = true1; | |||
772 | break; | |||
773 | case STR4_INT_L('c','l','o','s')((((uint32_t)(('c') | ('l') << 8 | ('o') << 16 | ( 's') << 24))) | (uint32_t)0x20202020): | |||
774 | case STR4_INT_L(' ', 'c','l','o')((((uint32_t)((' ') | ('c') << 8 | ('l') << 16 | ( 'o') << 24))) | (uint32_t)0x20202020): | |||
775 | has_close = true1; | |||
776 | break; | |||
777 | case STR4_INT_L('u','p','g','r')((((uint32_t)(('u') | ('p') << 8 | ('g') << 16 | ( 'r') << 24))) | (uint32_t)0x20202020): | |||
778 | case STR4_INT_L(' ', 'u','p','g')((((uint32_t)((' ') | ('u') << 8 | ('p') << 16 | ( 'g') << 24))) | (uint32_t)0x20202020): | |||
779 | request->conn->flags |= CONN_IS_UPGRADE; | |||
780 | break; | |||
781 | } | |||
782 | ||||
783 | if (!(p = strchr(p, ','))) | |||
784 | break; | |||
785 | } | |||
786 | ||||
787 | out: | |||
788 | if (LIKELY(!(request->flags & REQUEST_IS_HTTP_1_0))__builtin_expect((!!(!(request->flags & REQUEST_IS_HTTP_1_0 ))), (1))) | |||
789 | has_keep_alive = !has_close; | |||
790 | ||||
791 | if (has_keep_alive) { | |||
792 | request->conn->flags |= CONN_IS_KEEP_ALIVE; | |||
793 | } else { | |||
794 | request->conn->flags &= | |||
795 | ~(CONN_IS_KEEP_ALIVE | CONN_SENT_CONNECTION_HEADER); | |||
796 | } | |||
797 | } | |||
798 | ||||
799 | #if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) | |||
800 | static void save_to_corpus_for_fuzzing(struct lwan_value buffer) | |||
801 | { | |||
802 | struct lwan_value buffer_copy; | |||
803 | char corpus_name[PATH_MAX4096]; | |||
804 | const char *crlfcrlf; | |||
805 | int fd; | |||
806 | ||||
807 | if (!(crlfcrlf = memmem(buffer.value, buffer.len, "\r\n\r\n", 4))) | |||
808 | return; | |||
809 | buffer.len = (size_t)(crlfcrlf - buffer.value + 4); | |||
810 | ||||
811 | try_another_file_name: | |||
812 | buffer_copy = buffer; | |||
813 | ||||
814 | snprintf(corpus_name, sizeof(corpus_name), "corpus-request-%d", rand()); | |||
815 | ||||
816 | fd = open(corpus_name, O_WRONLY01 | O_CLOEXEC02000000 | O_CREAT0100 | O_EXCL0200, 0644); | |||
817 | if (fd < 0) | |||
818 | goto try_another_file_name; | |||
819 | ||||
820 | while (buffer_copy.len) { | |||
821 | ssize_t r = write(fd, buffer_copy.value, buffer_copy.len); | |||
822 | ||||
823 | if (r < 0) { | |||
824 | if (errno(*__errno_location ()) == EAGAIN11 || errno(*__errno_location ()) == EINTR4) | |||
825 | continue; | |||
826 | ||||
827 | close(fd); | |||
828 | unlink(corpus_name); | |||
829 | goto try_another_file_name; | |||
830 | } | |||
831 | ||||
832 | buffer_copy.value += r; | |||
833 | buffer_copy.len -= r; | |||
834 | } | |||
835 | ||||
836 | close(fd); | |||
837 | lwan_status_debug("Request saved to %s", corpus_name)lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 837, __FUNCTION__, "Request saved to %s", corpus_name); | |||
838 | } | |||
839 | #endif | |||
840 | ||||
841 | static enum lwan_http_status | |||
842 | client_read(struct lwan_request *request, | |||
843 | struct lwan_value *buffer, | |||
844 | const size_t want_to_read, | |||
845 | enum lwan_read_finalizer (*finalizer)(const struct lwan_value *buffer, | |||
846 | size_t want_to_read, | |||
847 | const struct lwan_request *request, | |||
848 | int n_packets)) | |||
849 | { | |||
850 | struct lwan_request_parser_helper *helper = request->helper; | |||
851 | int n_packets = 0; | |||
852 | ||||
853 | if (helper->next_request) { | |||
854 | const size_t next_request_len = (size_t)(helper->next_request - buffer->value); | |||
855 | size_t new_len; | |||
856 | ||||
857 | if (__builtin_sub_overflow(buffer->len, next_request_len, &new_len)) { | |||
858 | helper->next_request = NULL((void*)0); | |||
859 | } else if (new_len) { | |||
860 | /* FIXME: This memmove() could be eventually removed if a better | |||
861 | * stucture (maybe a ringbuffer, reading with readv(), and each | |||
862 | * pointer is coro_strdup() if they wrap around?) were used for | |||
863 | * the request buffer. */ | |||
864 | buffer->len = new_len; | |||
865 | memmove(buffer->value, helper->next_request, new_len); | |||
866 | goto try_to_finalize; | |||
867 | } | |||
868 | } | |||
869 | ||||
870 | for (buffer->len = 0;; n_packets++) { | |||
871 | size_t to_read = (size_t)(want_to_read - buffer->len); | |||
872 | ||||
873 | if (UNLIKELY(to_read == 0)__builtin_expect(((to_read == 0)), (0))) | |||
874 | return HTTP_TOO_LARGE; | |||
875 | ||||
876 | ssize_t n = recv(request->fd, buffer->value + buffer->len, to_read, 0); | |||
877 | if (UNLIKELY(n <= 0)__builtin_expect(((n <= 0)), (0))) { | |||
878 | if (n < 0) { | |||
879 | switch (errno(*__errno_location ())) { | |||
880 | case EINTR4: | |||
881 | case EAGAIN11: | |||
882 | yield_and_read_again: | |||
883 | coro_yield(request->conn->coro, CONN_CORO_WANT_READ); | |||
884 | continue; | |||
885 | } | |||
886 | ||||
887 | /* Unexpected error before reading anything */ | |||
888 | if (UNLIKELY(!buffer->len)__builtin_expect(((!buffer->len)), (0))) | |||
889 | return HTTP_BAD_REQUEST; | |||
890 | } | |||
891 | ||||
892 | /* Client shut down orderly (n = 0), or unrecoverable error (n < 0); | |||
893 | * shut down coro. */ | |||
894 | break; | |||
895 | } | |||
896 | ||||
897 | buffer->len += (size_t)n; | |||
898 | ||||
899 | try_to_finalize: | |||
900 | switch (finalizer(buffer, want_to_read, request, n_packets)) { | |||
901 | case FINALIZER_DONE: | |||
902 | buffer->value[buffer->len] = '\0'; | |||
903 | #if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) | |||
904 | save_to_corpus_for_fuzzing(*buffer); | |||
905 | #endif | |||
906 | return HTTP_OK; | |||
907 | ||||
908 | case FINALIZER_TRY_AGAIN: | |||
909 | goto yield_and_read_again; | |||
910 | ||||
911 | case FINALIZER_TIMEOUT: | |||
912 | return HTTP_TIMEOUT; | |||
913 | } | |||
914 | } | |||
915 | ||||
916 | coro_yield(request->conn->coro, CONN_CORO_ABORT); | |||
917 | __builtin_unreachable(); | |||
918 | return HTTP_INTERNAL_ERROR; | |||
919 | } | |||
920 | ||||
921 | static enum lwan_read_finalizer | |||
922 | read_request_finalizer_from_helper(const struct lwan_value *buffer, | |||
923 | struct lwan_request_parser_helper *helper, | |||
924 | int n_packets, | |||
925 | bool_Bool allow_proxy_reqs) | |||
926 | { | |||
927 | static const size_t min_proxied_request_size = | |||
928 | MIN_REQUEST_SIZE(sizeof("GET / HTTP/1.1\r\n\r\n") - 1) + sizeof(struct proxy_header_v2); | |||
929 | ||||
930 | if (LIKELY(buffer->len >= MIN_REQUEST_SIZE)__builtin_expect((!!(buffer->len >= (sizeof("GET / HTTP/1.1\r\n\r\n" ) - 1))), (1))) { | |||
931 | STRING_SWITCH (buffer->value + buffer->len - 4)switch (string_as_uint32(buffer->value + buffer->len - 4 )) { | |||
932 | case STR4_INT('\r', '\n', '\r', '\n')((uint32_t)(('\r') | ('\n') << 8 | ('\r') << 16 | ('\n') << 24)): | |||
933 | return FINALIZER_DONE; | |||
934 | } | |||
935 | } | |||
936 | ||||
937 | char *crlfcrlf = memmem(buffer->value, buffer->len, "\r\n\r\n", 4); | |||
938 | if (LIKELY(crlfcrlf)__builtin_expect((!!(crlfcrlf)), (1))) { | |||
939 | if (LIKELY(helper->next_request)__builtin_expect((!!(helper->next_request)), (1))) { | |||
940 | helper->next_request = NULL((void*)0); | |||
941 | return FINALIZER_DONE; | |||
942 | } | |||
943 | ||||
944 | const size_t crlfcrlf_to_base = (size_t)(crlfcrlf - buffer->value); | |||
945 | if (crlfcrlf_to_base >= MIN_REQUEST_SIZE(sizeof("GET / HTTP/1.1\r\n\r\n") - 1) - 4) | |||
946 | return FINALIZER_DONE; | |||
947 | ||||
948 | if (buffer->len > min_proxied_request_size && allow_proxy_reqs) { | |||
949 | /* FIXME: Checking for PROXYv2 protocol header here is a layering | |||
950 | * violation. */ | |||
951 | STRING_SWITCH_LARGE (crlfcrlf + 4)switch (string_as_uint64(crlfcrlf + 4)) { | |||
952 | case STR8_INT(0x00, 0x0d, 0x0a, 0x51, 0x55, 0x49, 0x54, 0x0a)((uint64_t)((uint32_t)((0x00) | (0x0d) << 8 | (0x0a) << 16 | (0x51) << 24)) | (uint64_t)((uint32_t)((0x55) | ( 0x49) << 8 | (0x54) << 16 | (0x0a) << 24)) << 32): | |||
953 | return FINALIZER_DONE; | |||
954 | } | |||
955 | } | |||
956 | } | |||
957 | ||||
958 | /* Yield a timeout error to avoid clients being intentionally slow and | |||
959 | * hogging the server. (Clients can't only connect and do nothing, they | |||
960 | * need to send data, otherwise the timeout queue timer will kick in and | |||
961 | * close the connection. Limit the number of packets to avoid them sending | |||
962 | * just a byte at a time.) See lwan_calculate_n_packets() to see how this is | |||
963 | * calculated. */ | |||
964 | if (UNLIKELY(n_packets > helper->error_when_n_packets)__builtin_expect(((n_packets > helper->error_when_n_packets )), (0))) | |||
965 | return FINALIZER_TIMEOUT; | |||
966 | ||||
967 | return FINALIZER_TRY_AGAIN; | |||
968 | } | |||
969 | ||||
970 | static inline enum lwan_read_finalizer | |||
971 | read_request_finalizer(const struct lwan_value *buffer, | |||
972 | size_t want_to_read __attribute__((unused)), | |||
973 | const struct lwan_request *request, | |||
974 | int n_packets) | |||
975 | { | |||
976 | return read_request_finalizer_from_helper( | |||
977 | buffer, request->helper, n_packets, | |||
978 | request->flags & REQUEST_ALLOW_PROXY_REQS); | |||
979 | } | |||
980 | ||||
981 | static ALWAYS_INLINEinline __attribute__((always_inline)) enum lwan_http_status | |||
982 | read_request(struct lwan_request *request) | |||
983 | { | |||
984 | return client_read(request, request->helper->buffer, | |||
985 | DEFAULT_BUFFER_SIZE4096 - 1 /* -1 for NUL byte */, | |||
986 | read_request_finalizer); | |||
987 | } | |||
988 | ||||
989 | static enum lwan_read_finalizer | |||
990 | body_data_finalizer(const struct lwan_value *buffer, | |||
991 | size_t want_to_read, | |||
992 | const struct lwan_request *request, | |||
993 | int n_packets) | |||
994 | { | |||
995 | const struct lwan_request_parser_helper *helper = request->helper; | |||
996 | ||||
997 | if (want_to_read == buffer->len) | |||
998 | return FINALIZER_DONE; | |||
999 | ||||
1000 | /* For POST requests, the body can be larger, and due to small MTUs on | |||
1001 | * most ethernet connections, responding with a timeout solely based on | |||
1002 | * number of packets doesn't work. Use keepalive timeout instead. */ | |||
1003 | if (UNLIKELY(time(NULL) > helper->error_when_time)__builtin_expect(((time(((void*)0)) > helper->error_when_time )), (0))) | |||
1004 | return FINALIZER_TIMEOUT; | |||
1005 | ||||
1006 | /* In addition to time, also estimate the number of packets based on an | |||
1007 | * usual MTU value and the request body size. */ | |||
1008 | if (UNLIKELY(n_packets > helper->error_when_n_packets)__builtin_expect(((n_packets > helper->error_when_n_packets )), (0))) | |||
1009 | return FINALIZER_TIMEOUT; | |||
1010 | ||||
1011 | return FINALIZER_TRY_AGAIN; | |||
1012 | } | |||
1013 | ||||
1014 | static const char *is_dir(const char *v) | |||
1015 | { | |||
1016 | struct stat st; | |||
1017 | ||||
1018 | if (!v) | |||
1019 | return NULL((void*)0); | |||
1020 | ||||
1021 | if (*v != '/') | |||
1022 | return NULL((void*)0); | |||
1023 | ||||
1024 | if (stat(v, &st) < 0) | |||
1025 | return NULL((void*)0); | |||
1026 | ||||
1027 | if (!S_ISDIR(st.st_mode)((((st.st_mode)) & 0170000) == (0040000))) | |||
1028 | return NULL((void*)0); | |||
1029 | ||||
1030 | if (!(st.st_mode & S_ISVTX01000)) { | |||
1031 | lwan_status_warning(lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1034, __FUNCTION__, "Using %s as temporary directory, but it doesn't have " "the sticky bit set.", v) | |||
1032 | "Using %s as temporary directory, but it doesn't have "lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1034, __FUNCTION__, "Using %s as temporary directory, but it doesn't have " "the sticky bit set.", v) | |||
1033 | "the sticky bit set.",lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1034, __FUNCTION__, "Using %s as temporary directory, but it doesn't have " "the sticky bit set.", v) | |||
1034 | v)lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1034, __FUNCTION__, "Using %s as temporary directory, but it doesn't have " "the sticky bit set.", v); | |||
1035 | } | |||
1036 | ||||
1037 | return v; | |||
1038 | } | |||
1039 | ||||
1040 | static const char *is_dir_good_for_tmp(const char *v) | |||
1041 | { | |||
1042 | struct statfs sb; | |||
1043 | ||||
1044 | v = is_dir(v); | |||
1045 | if (!v) | |||
1046 | return NULL((void*)0); | |||
1047 | ||||
1048 | if (!statfs(v, &sb) && sb.f_type == TMPFS_MAGIC0x01021994) { | |||
1049 | lwan_status_warning("%s is a tmpfs filesystem, "lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1050, __FUNCTION__, "%s is a tmpfs filesystem, " "not considering it" , v) | |||
1050 | "not considering it", v)lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1050, __FUNCTION__, "%s is a tmpfs filesystem, " "not considering it" , v); | |||
1051 | return NULL((void*)0); | |||
1052 | } | |||
1053 | ||||
1054 | return v; | |||
1055 | } | |||
1056 | ||||
1057 | static const char *temp_dir; | |||
1058 | static const size_t body_buffer_temp_file_thresh = 1<<20; | |||
1059 | ||||
1060 | static const char * | |||
1061 | get_temp_dir(void) | |||
1062 | { | |||
1063 | const char *tmpdir; | |||
1064 | ||||
1065 | tmpdir = is_dir_good_for_tmp(secure_getenv("TMPDIR")); | |||
1066 | if (tmpdir) | |||
1067 | return tmpdir; | |||
1068 | ||||
1069 | tmpdir = is_dir_good_for_tmp(secure_getenv("TMP")); | |||
1070 | if (tmpdir) | |||
1071 | return tmpdir; | |||
1072 | ||||
1073 | tmpdir = is_dir_good_for_tmp(secure_getenv("TEMP")); | |||
1074 | if (tmpdir) | |||
1075 | return tmpdir; | |||
1076 | ||||
1077 | tmpdir = is_dir_good_for_tmp("/var/tmp"); | |||
1078 | if (tmpdir) | |||
1079 | return tmpdir; | |||
1080 | ||||
1081 | tmpdir = is_dir_good_for_tmp(P_tmpdir"/tmp"); | |||
1082 | if (tmpdir) | |||
1083 | return tmpdir; | |||
1084 | ||||
1085 | lwan_status_warning("Temporary directory could not be determined. POST "lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1087, __FUNCTION__, "Temporary directory could not be determined. POST " "or PUT requests over %zu bytes bytes will fail.", body_buffer_temp_file_thresh ) | |||
1086 | "or PUT requests over %zu bytes bytes will fail.",lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1087, __FUNCTION__, "Temporary directory could not be determined. POST " "or PUT requests over %zu bytes bytes will fail.", body_buffer_temp_file_thresh ) | |||
1087 | body_buffer_temp_file_thresh)lwan_status_warning_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1087, __FUNCTION__, "Temporary directory could not be determined. POST " "or PUT requests over %zu bytes bytes will fail.", body_buffer_temp_file_thresh ); | |||
1088 | return NULL((void*)0); | |||
1089 | } | |||
1090 | ||||
1091 | __attribute__((constructor)) static void initialize_temp_dir(void) | |||
1092 | { | |||
1093 | temp_dir = get_temp_dir(); | |||
1094 | } | |||
1095 | ||||
1096 | static int create_temp_file(void) | |||
1097 | { | |||
1098 | char template[PATH_MAX4096]; | |||
1099 | mode_t prev_mask; | |||
1100 | int ret; | |||
1101 | ||||
1102 | if (UNLIKELY(!temp_dir)__builtin_expect(((!temp_dir)), (0))) | |||
1103 | return -ENOENT2; | |||
1104 | ||||
1105 | #if defined(O_TMPFILE(020000000 | 0200000)) | |||
1106 | int fd = open(temp_dir, | |||
1107 | O_TMPFILE(020000000 | 0200000) | O_CREAT0100 | O_RDWR02 | O_EXCL0200 | O_CLOEXEC02000000 | | |||
1108 | O_NOFOLLOW0400000 | O_NOATIME01000000, | |||
1109 | S_IRUSR0400 | S_IWUSR0200); | |||
1110 | if (LIKELY(fd >= 0)__builtin_expect((!!(fd >= 0)), (1))) | |||
1111 | return fd; | |||
1112 | #endif | |||
1113 | ||||
1114 | ret = snprintf(template, sizeof(template), "%s/lwanXXXXXX", temp_dir); | |||
1115 | if (UNLIKELY(ret < 0 || ret >= (int)sizeof(template))__builtin_expect(((ret < 0 || ret >= (int)sizeof(template ))), (0))) | |||
1116 | return -EOVERFLOW75; | |||
1117 | ||||
1118 | prev_mask = umask_for_tmpfile(S_IRUSR | S_IWUSR)({ (void)(0400 | 0200); 0U; }); | |||
1119 | ret = mkostemp(template, O_CLOEXEC02000000); | |||
1120 | umask_for_tmpfile(prev_mask)({ (void)(prev_mask); 0U; }); | |||
1121 | ||||
1122 | if (LIKELY(ret >= 0)__builtin_expect((!!(ret >= 0)), (1))) | |||
1123 | unlink(template); | |||
1124 | ||||
1125 | return ret; | |||
1126 | } | |||
1127 | ||||
1128 | struct file_backed_buffer { | |||
1129 | void *ptr; | |||
1130 | size_t size; | |||
1131 | }; | |||
1132 | ||||
1133 | static void | |||
1134 | free_body_buffer(void *data) | |||
1135 | { | |||
1136 | struct file_backed_buffer *buf = data; | |||
1137 | ||||
1138 | munmap(buf->ptr, buf->size); | |||
1139 | free(buf); | |||
1140 | } | |||
1141 | ||||
1142 | static void* | |||
1143 | alloc_body_buffer(struct coro *coro, size_t size, bool_Bool allow_file) | |||
1144 | { | |||
1145 | struct file_backed_buffer *buf; | |||
1146 | void *ptr = (void *)MAP_FAILED((void *) -1); | |||
1147 | int fd; | |||
1148 | ||||
1149 | if (LIKELY(size < body_buffer_temp_file_thresh)__builtin_expect((!!(size < body_buffer_temp_file_thresh)) , (1))) { | |||
1150 | ptr = coro_malloc(coro, size); | |||
1151 | ||||
1152 | if (LIKELY(ptr)__builtin_expect((!!(ptr)), (1))) | |||
1153 | return ptr; | |||
1154 | } | |||
1155 | ||||
1156 | if (UNLIKELY(!allow_file)__builtin_expect(((!allow_file)), (0))) | |||
1157 | return NULL((void*)0); | |||
1158 | ||||
1159 | fd = create_temp_file(); | |||
1160 | if (UNLIKELY(fd < 0)__builtin_expect(((fd < 0)), (0))) | |||
1161 | return NULL((void*)0); | |||
1162 | ||||
1163 | if (UNLIKELY(ftruncate(fd, (off_t)size) < 0)__builtin_expect(((ftruncate(fd, (off_t)size) < 0)), (0))) { | |||
1164 | close(fd); | |||
1165 | return NULL((void*)0); | |||
1166 | } | |||
1167 | ||||
1168 | if (MAP_HUGETLB0x40000) { | |||
1169 | ptr = mmap(NULL((void*)0), size, PROT_READ0x1 | PROT_WRITE0x2, | |||
1170 | MAP_SHARED0x01 | MAP_HUGETLB0x40000, fd, 0); | |||
1171 | } | |||
1172 | if (UNLIKELY(ptr == MAP_FAILED)__builtin_expect(((ptr == ((void *) -1))), (0))) | |||
1173 | ptr = mmap(NULL((void*)0), size, PROT_READ0x1 | PROT_WRITE0x2, MAP_SHARED0x01, fd, 0); | |||
1174 | close(fd); | |||
1175 | if (UNLIKELY(ptr == MAP_FAILED)__builtin_expect(((ptr == ((void *) -1))), (0))) | |||
1176 | return NULL((void*)0); | |||
1177 | ||||
1178 | buf = coro_malloc_full(coro, sizeof(*buf), free_body_buffer); | |||
1179 | if (UNLIKELY(!buf)__builtin_expect(((!buf)), (0))) { | |||
1180 | munmap(ptr, size); | |||
1181 | return NULL((void*)0); | |||
1182 | } | |||
1183 | ||||
1184 | buf->ptr = ptr; | |||
1185 | buf->size = size; | |||
1186 | return ptr; | |||
1187 | } | |||
1188 | ||||
1189 | static enum lwan_http_status | |||
1190 | get_remaining_body_data_length(struct lwan_request *request, | |||
1191 | const size_t max_size, | |||
1192 | size_t *total, | |||
1193 | size_t *have) | |||
1194 | { | |||
1195 | struct lwan_request_parser_helper *helper = request->helper; | |||
1196 | long long parsed_size; | |||
1197 | ||||
1198 | if (UNLIKELY(!helper->content_length.value)__builtin_expect(((!helper->content_length.value)), (0))) | |||
1199 | return HTTP_BAD_REQUEST; | |||
1200 | ||||
1201 | parsed_size = parse_long_long(helper->content_length.value, -1); | |||
1202 | if (UNLIKELY(parsed_size < 0)__builtin_expect(((parsed_size < 0)), (0))) | |||
1203 | return HTTP_BAD_REQUEST; | |||
1204 | if (UNLIKELY((size_t)parsed_size >= max_size)__builtin_expect((((size_t)parsed_size >= max_size)), (0))) | |||
1205 | return HTTP_TOO_LARGE; | |||
1206 | if (UNLIKELY(!parsed_size)__builtin_expect(((!parsed_size)), (0))) | |||
1207 | return HTTP_OK; | |||
1208 | ||||
1209 | *total = (size_t)parsed_size; | |||
1210 | ||||
1211 | if (!helper->next_request) { | |||
1212 | *have = 0; | |||
1213 | return HTTP_PARTIAL_CONTENT; | |||
1214 | } | |||
1215 | ||||
1216 | char *buffer_end = helper->buffer->value + helper->buffer->len; | |||
1217 | ||||
1218 | *have = (size_t)(buffer_end - helper->next_request); | |||
1219 | ||||
1220 | if (*have < *total) | |||
1221 | return HTTP_PARTIAL_CONTENT; | |||
1222 | ||||
1223 | helper->body_data.value = helper->next_request; | |||
1224 | helper->body_data.len = *total; | |||
1225 | helper->next_request += *total; | |||
1226 | return HTTP_OK; | |||
1227 | } | |||
1228 | ||||
1229 | static int read_body_data(struct lwan_request *request) | |||
1230 | { | |||
1231 | /* Holy indirection, Batman! */ | |||
1232 | const struct lwan_config *config = &request->conn->thread->lwan->config; | |||
1233 | struct lwan_request_parser_helper *helper = request->helper; | |||
1234 | enum lwan_http_status status; | |||
1235 | size_t total, have, max_data_size; | |||
1236 | bool_Bool allow_temp_file; | |||
1237 | char *new_buffer; | |||
1238 | ||||
1239 | switch (lwan_request_get_method(request)) { | |||
1240 | case REQUEST_METHOD_POST: | |||
1241 | allow_temp_file = config->allow_post_temp_file; | |||
1242 | max_data_size = config->max_post_data_size; | |||
1243 | break; | |||
1244 | case REQUEST_METHOD_PUT: | |||
1245 | allow_temp_file = config->allow_put_temp_file; | |||
1246 | max_data_size = config->max_put_data_size; | |||
1247 | break; | |||
1248 | default: | |||
1249 | return -HTTP_NOT_ALLOWED; | |||
1250 | } | |||
1251 | ||||
1252 | status = | |||
1253 | get_remaining_body_data_length(request, max_data_size, &total, &have); | |||
1254 | if (status != HTTP_PARTIAL_CONTENT) | |||
1255 | return -(int)status; | |||
1256 | ||||
1257 | new_buffer = | |||
1258 | alloc_body_buffer(request->conn->coro, total + 1, allow_temp_file); | |||
1259 | if (UNLIKELY(!new_buffer)__builtin_expect(((!new_buffer)), (0))) | |||
1260 | return -HTTP_INTERNAL_ERROR; | |||
1261 | ||||
1262 | if (!(request->flags & REQUEST_IS_HTTP_1_0)) { | |||
1263 | /* §8.2.3 https://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html */ | |||
1264 | const char *expect = lwan_request_get_header(request, "Expect"); | |||
1265 | ||||
1266 | if (expect && strncmp(expect, "100-", 4) == 0) { | |||
1267 | static const char continue_header[] = "HTTP/1.1 100 Continue\r\n\r\n"; | |||
1268 | ||||
1269 | lwan_send(request, continue_header, sizeof(continue_header) - 1, 0); | |||
1270 | } | |||
1271 | } | |||
1272 | ||||
1273 | helper->body_data.value = new_buffer; | |||
1274 | helper->body_data.len = total; | |||
1275 | if (have) { | |||
1276 | new_buffer = mempcpy(new_buffer, helper->next_request, have); | |||
1277 | total -= have; | |||
1278 | } | |||
1279 | helper->next_request = NULL((void*)0); | |||
1280 | ||||
1281 | helper->error_when_time = time(NULL((void*)0)) + config->keep_alive_timeout; | |||
1282 | helper->error_when_n_packets = lwan_calculate_n_packets(total); | |||
1283 | ||||
1284 | struct lwan_value buffer = {.value = new_buffer, .len = total}; | |||
1285 | return (int)client_read(request, &buffer, total, body_data_finalizer); | |||
1286 | } | |||
1287 | ||||
1288 | static char * | |||
1289 | parse_proxy_protocol(struct lwan_request *request, char *buffer) | |||
1290 | { | |||
1291 | STRING_SWITCH(buffer)switch (string_as_uint32(buffer)) { | |||
1292 | case STR4_INT('P','R','O','X')((uint32_t)(('P') | ('R') << 8 | ('O') << 16 | ('X' ) << 24)): | |||
1293 | return parse_proxy_protocol_v1(request, buffer); | |||
1294 | case STR4_INT('\x0D','\x0A','\x0D','\x0A')((uint32_t)(('\x0D') | ('\x0A') << 8 | ('\x0D') << 16 | ('\x0A') << 24)): | |||
1295 | return parse_proxy_protocol_v2(request, buffer); | |||
1296 | } | |||
1297 | ||||
1298 | return buffer; | |||
1299 | } | |||
1300 | ||||
1301 | static enum lwan_http_status parse_http_request(struct lwan_request *request) | |||
1302 | { | |||
1303 | struct lwan_request_parser_helper *helper = request->helper; | |||
1304 | char *buffer = helper->buffer->value; | |||
1305 | ||||
1306 | if (request->flags & REQUEST_ALLOW_PROXY_REQS) { | |||
1307 | /* REQUEST_ALLOW_PROXY_REQS will be cleared in lwan_process_request() */ | |||
1308 | ||||
1309 | buffer = parse_proxy_protocol(request, buffer); | |||
1310 | if (UNLIKELY(!buffer)__builtin_expect(((!buffer)), (0))) | |||
1311 | return HTTP_BAD_REQUEST; | |||
1312 | } | |||
1313 | ||||
1314 | buffer = ignore_leading_whitespace(buffer); | |||
1315 | ||||
1316 | if (UNLIKELY(buffer > helper->buffer->value + helper->buffer->len -__builtin_expect(((buffer > helper->buffer->value + helper ->buffer->len - (sizeof("GET / HTTP/1.1\r\n\r\n") - 1)) ), (0)) | |||
1317 | MIN_REQUEST_SIZE)__builtin_expect(((buffer > helper->buffer->value + helper ->buffer->len - (sizeof("GET / HTTP/1.1\r\n\r\n") - 1)) ), (0))) | |||
1318 | return HTTP_BAD_REQUEST; | |||
1319 | ||||
1320 | char *path = identify_http_method(request, buffer); | |||
1321 | if (UNLIKELY(!path)__builtin_expect(((!path)), (0))) | |||
1322 | return HTTP_NOT_ALLOWED; | |||
1323 | ||||
1324 | buffer = identify_http_path(request, path); | |||
1325 | if (UNLIKELY(!buffer)__builtin_expect(((!buffer)), (0))) | |||
1326 | return HTTP_BAD_REQUEST; | |||
1327 | ||||
1328 | if (UNLIKELY(!parse_headers(helper, buffer))__builtin_expect(((!parse_headers(helper, buffer))), (0))) | |||
1329 | return HTTP_BAD_REQUEST; | |||
1330 | ||||
1331 | ssize_t decoded_len = url_decode(request->url.value); | |||
1332 | if (UNLIKELY(decoded_len < 0)__builtin_expect(((decoded_len < 0)), (0))) | |||
1333 | return HTTP_BAD_REQUEST; | |||
1334 | request->original_url.len = request->url.len = (size_t)decoded_len; | |||
1335 | ||||
1336 | parse_connection_header(request); | |||
1337 | ||||
1338 | return HTTP_OK; | |||
1339 | } | |||
1340 | ||||
1341 | static enum lwan_http_status | |||
1342 | prepare_websocket_handshake(struct lwan_request *request, char **encoded) | |||
1343 | { | |||
1344 | static const unsigned char websocket_uuid[] = | |||
1345 | "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; | |||
1346 | unsigned char digest[20]; | |||
1347 | sha1_context ctx; | |||
1348 | ||||
1349 | if (UNLIKELY(request->flags & RESPONSE_SENT_HEADERS)__builtin_expect(((request->flags & RESPONSE_SENT_HEADERS )), (0))) | |||
1350 | return HTTP_INTERNAL_ERROR; | |||
1351 | ||||
1352 | if (UNLIKELY(!(request->conn->flags & CONN_IS_UPGRADE))__builtin_expect(((!(request->conn->flags & CONN_IS_UPGRADE ))), (0))) | |||
1353 | return HTTP_BAD_REQUEST; | |||
1354 | ||||
1355 | const char *upgrade = lwan_request_get_header(request, "Upgrade"); | |||
1356 | if (UNLIKELY(!upgrade || !streq(upgrade, "websocket"))__builtin_expect(((!upgrade || !streq(upgrade, "websocket"))) , (0))) | |||
1357 | return HTTP_BAD_REQUEST; | |||
1358 | ||||
1359 | const char *sec_websocket_key = | |||
1360 | lwan_request_get_header(request, "Sec-WebSocket-Key"); | |||
1361 | if (UNLIKELY(!sec_websocket_key)__builtin_expect(((!sec_websocket_key)), (0))) | |||
1362 | return HTTP_BAD_REQUEST; | |||
1363 | ||||
1364 | const size_t sec_websocket_key_len = strlen(sec_websocket_key); | |||
1365 | if (base64_encoded_len(16) != sec_websocket_key_len) | |||
1366 | return HTTP_BAD_REQUEST; | |||
1367 | if (UNLIKELY(!base64_validate((void *)sec_websocket_key, sec_websocket_key_len))__builtin_expect(((!base64_validate((void *)sec_websocket_key , sec_websocket_key_len))), (0))) | |||
1368 | return HTTP_BAD_REQUEST; | |||
1369 | ||||
1370 | sha1_init(&ctx); | |||
1371 | sha1_update(&ctx, (void *)sec_websocket_key, sec_websocket_key_len); | |||
1372 | sha1_update(&ctx, websocket_uuid, sizeof(websocket_uuid) - 1); | |||
1373 | sha1_finalize(&ctx, digest); | |||
1374 | ||||
1375 | *encoded = (char *)base64_encode(digest, sizeof(digest), NULL((void*)0)); | |||
1376 | return LIKELY(*encoded)__builtin_expect((!!(*encoded)), (1)) ? HTTP_SWITCHING_PROTOCOLS : HTTP_INTERNAL_ERROR; | |||
1377 | } | |||
1378 | ||||
1379 | enum lwan_http_status | |||
1380 | lwan_request_websocket_upgrade(struct lwan_request *request) | |||
1381 | { | |||
1382 | char header_buf[DEFAULT_HEADERS_SIZE2048]; | |||
1383 | size_t header_buf_len; | |||
1384 | char *encoded; | |||
1385 | ||||
1386 | enum lwan_http_status r = prepare_websocket_handshake(request, &encoded); | |||
1387 | if (r != HTTP_SWITCHING_PROTOCOLS) | |||
1388 | return r; | |||
1389 | ||||
1390 | request->flags |= RESPONSE_NO_CONTENT_LENGTH; | |||
1391 | header_buf_len = lwan_prepare_response_header_full( | |||
1392 | request, HTTP_SWITCHING_PROTOCOLS, header_buf, sizeof(header_buf), | |||
1393 | (struct lwan_key_value[]){ | |||
1394 | /* Connection: Upgrade is implicit if conn->flags & CONN_IS_UPGRADE */ | |||
1395 | {.key = "Sec-WebSocket-Accept", .value = encoded}, | |||
1396 | {.key = "Upgrade", .value = "websocket"}, | |||
1397 | {}, | |||
1398 | }); | |||
1399 | free(encoded); | |||
1400 | if (UNLIKELY(!header_buf_len)__builtin_expect(((!header_buf_len)), (0))) | |||
1401 | return HTTP_INTERNAL_ERROR; | |||
1402 | ||||
1403 | request->conn->flags |= CONN_IS_WEBSOCKET; | |||
1404 | lwan_send(request, header_buf, header_buf_len, 0); | |||
1405 | ||||
1406 | return HTTP_SWITCHING_PROTOCOLS; | |||
1407 | } | |||
1408 | ||||
1409 | static inline bool_Bool request_has_body(const struct lwan_request *request) | |||
1410 | { | |||
1411 | /* 3rd bit set in method: request method has body. See lwan.h, | |||
1412 | * definition of FOR_EACH_REQUEST_METHOD() for more info. */ | |||
1413 | return lwan_request_get_method(request) & 1 << 3; | |||
1414 | } | |||
1415 | ||||
1416 | static enum lwan_http_status | |||
1417 | maybe_read_body_data(const struct lwan_url_map *url_map, | |||
1418 | struct lwan_request *request) | |||
1419 | { | |||
1420 | int status = 0; | |||
1421 | ||||
1422 | if (url_map->flags & HANDLER_EXPECTS_BODY_DATA) { | |||
1423 | status = read_body_data(request); | |||
1424 | if (status > 0) | |||
1425 | return (enum lwan_http_status)status; | |||
1426 | } | |||
1427 | ||||
1428 | /* Instead of trying to read the body here, which will require | |||
1429 | * us to allocate and read potentially a lot of bytes, force | |||
1430 | * this connection to be closed as soon as we send a "not allowed" | |||
1431 | * response. */ | |||
1432 | request->conn->flags &= ~CONN_IS_KEEP_ALIVE; | |||
1433 | ||||
1434 | if (status < 0) { | |||
1435 | status = -status; | |||
1436 | return (enum lwan_http_status)status; | |||
1437 | } | |||
1438 | ||||
1439 | return HTTP_NOT_ALLOWED; | |||
1440 | } | |||
1441 | ||||
1442 | static enum lwan_http_status prepare_for_response(const struct lwan_url_map *url_map, | |||
1443 | struct lwan_request *request) | |||
1444 | { | |||
1445 | request->url.value += url_map->prefix_len; | |||
1446 | request->url.len -= url_map->prefix_len; | |||
1447 | while (*request->url.value == '/' && request->url.len > 0) { | |||
1448 | request->url.value++; | |||
1449 | request->url.len--; | |||
1450 | } | |||
1451 | ||||
1452 | if (UNLIKELY(url_map->flags & HANDLER_MUST_AUTHORIZE)__builtin_expect(((url_map->flags & HANDLER_MUST_AUTHORIZE )), (0))) { | |||
1453 | if (!lwan_http_authorize_urlmap(request, url_map)) | |||
1454 | return HTTP_NOT_AUTHORIZED; | |||
1455 | } | |||
1456 | ||||
1457 | if (UNLIKELY(request_has_body(request))__builtin_expect(((request_has_body(request))), (0))) | |||
1458 | return maybe_read_body_data(url_map, request); | |||
1459 | ||||
1460 | return HTTP_OK; | |||
1461 | } | |||
1462 | ||||
1463 | static bool_Bool handle_rewrite(struct lwan_request *request) | |||
1464 | { | |||
1465 | struct lwan_request_parser_helper *helper = request->helper; | |||
1466 | ||||
1467 | request->flags &= ~RESPONSE_URL_REWRITTEN; | |||
1468 | ||||
1469 | find_query_string(request, request->url.value + request->url.len); | |||
1470 | ||||
1471 | helper->urls_rewritten++; | |||
1472 | if (UNLIKELY(helper->urls_rewritten > 4)__builtin_expect(((helper->urls_rewritten > 4)), (0))) { | |||
1473 | lwan_default_response(request, HTTP_INTERNAL_ERROR); | |||
1474 | return false0; | |||
1475 | } | |||
1476 | ||||
1477 | return true1; | |||
1478 | } | |||
1479 | ||||
1480 | const char *lwan_request_get_method_str(const struct lwan_request *request) | |||
1481 | { | |||
1482 | #define GENERATE_CASE_STMT(upper, lower, mask, constant, probability) \ | |||
1483 | case REQUEST_METHOD_##upper: \ | |||
1484 | return #upper; | |||
1485 | ||||
1486 | switch (lwan_request_get_method(request)) { | |||
1487 | FOR_EACH_REQUEST_METHOD(GENERATE_CASE_STMT)GENERATE_CASE_STMT(GET, get, (1 << 0), (((uint32_t)(('G' ) | ('E') << 8 | ('T') << 16 | (' ') << 24) )), 0.6) GENERATE_CASE_STMT(POST, post, (1 << 3 | 1 << 1 | 1 << 0), (((uint32_t)(('P') | ('O') << 8 | ( 'S') << 16 | ('T') << 24))), 0.2) GENERATE_CASE_STMT (HEAD, head, (1 << 1), (((uint32_t)(('H') | ('E') << 8 | ('A') << 16 | ('D') << 24))), 0.2) GENERATE_CASE_STMT (OPTIONS, options, (1 << 2), (((uint32_t)(('O') | ('P') << 8 | ('T') << 16 | ('I') << 24))), 0.1) GENERATE_CASE_STMT (DELETE, delete, (1 << 1 | 1 << 2), (((uint32_t)( ('D') | ('E') << 8 | ('L') << 16 | ('E') << 24))), 0.1) GENERATE_CASE_STMT(PUT, put, (1 << 3 | 1 << 2 | 1 << 0), (((uint32_t)(('P') | ('U') << 8 | ( 'T') << 16 | (' ') << 24))), 0.1) | |||
1488 | default: | |||
1489 | return "UNKNOWN"; | |||
1490 | } | |||
1491 | #undef GENERATE_CASE_STMT | |||
1492 | } | |||
1493 | ||||
1494 | #ifndef NDEBUG | |||
1495 | static void log_request(struct lwan_request *request, | |||
1496 | enum lwan_http_status status, | |||
1497 | double time_to_read_request, | |||
1498 | double time_to_process_request) | |||
1499 | { | |||
1500 | char ip_buffer[INET6_ADDRSTRLEN46]; | |||
1501 | ||||
1502 | lwan_status_debug(lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1503 | "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)",lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1504 | lwan_request_get_remote_address(request, ip_buffer),lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1505 | request->conn->thread->date.date, lwan_request_get_id(request),lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1506 | lwan_request_get_method_str(request), request->original_url.value,lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1507 | request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status,lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1508 | request->response.mime_type, time_to_read_request,lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request) | |||
1509 | time_to_process_request)lwan_status_debug_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1509, __FUNCTION__, "%s [%s] %016lx \"%s %s HTTP/%s\" %d %s (r:%.3fms p:%.3fms)" , lwan_request_get_remote_address(request, ip_buffer), request ->conn->thread->date.date, lwan_request_get_id(request ), lwan_request_get_method_str(request), request->original_url .value, request->flags & REQUEST_IS_HTTP_1_0 ? "1.0" : "1.1", status, request->response.mime_type, time_to_read_request , time_to_process_request); | |||
1510 | } | |||
1511 | #else | |||
1512 | #define log_request(...) | |||
1513 | #endif | |||
1514 | ||||
1515 | #ifndef NDEBUG | |||
1516 | static struct timespec current_precise_monotonic_timespec(void) | |||
1517 | { | |||
1518 | struct timespec now; | |||
1519 | ||||
1520 | if (UNLIKELY(clock_gettime(CLOCK_MONOTONIC, &now) < 0)__builtin_expect(((clock_gettime(1, &now) < 0)), (0))) { | |||
1521 | lwan_status_perror("clock_gettime")lwan_status_perror_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1521, __FUNCTION__, "clock_gettime"); | |||
1522 | return (struct timespec){}; | |||
1523 | } | |||
1524 | ||||
1525 | return now; | |||
1526 | } | |||
1527 | ||||
1528 | static double elapsed_time_ms(const struct timespec then) | |||
1529 | { | |||
1530 | const struct timespec now = current_precise_monotonic_timespec(); | |||
1531 | struct timespec diff = { | |||
1532 | .tv_sec = now.tv_sec - then.tv_sec, | |||
1533 | .tv_nsec = now.tv_nsec - then.tv_nsec, | |||
1534 | }; | |||
1535 | ||||
1536 | if (diff.tv_nsec < 0) { | |||
1537 | diff.tv_sec--; | |||
1538 | diff.tv_nsec += 1000000000l; | |||
1539 | } | |||
1540 | ||||
1541 | return (double)diff.tv_sec / 1000.0 + (double)diff.tv_nsec / 1000000.0; | |||
1542 | } | |||
1543 | #endif | |||
1544 | ||||
1545 | void lwan_process_request(struct lwan *l, struct lwan_request *request) | |||
1546 | { | |||
1547 | enum lwan_http_status status; | |||
1548 | struct lwan_url_map *url_map; | |||
1549 | ||||
1550 | #ifndef NDEBUG | |||
1551 | struct timespec request_read_begin_time = current_precise_monotonic_timespec(); | |||
1552 | #endif | |||
1553 | status = read_request(request); | |||
1554 | ||||
1555 | #ifndef NDEBUG | |||
1556 | double time_to_read_request = elapsed_time_ms(request_read_begin_time); | |||
1557 | ||||
1558 | struct timespec request_begin_time = current_precise_monotonic_timespec(); | |||
1559 | #endif | |||
1560 | if (UNLIKELY(status != HTTP_OK)__builtin_expect(((status != HTTP_OK)), (0))) { | |||
| ||||
1561 | /* If read_request() returns any error at this point, it's probably | |||
1562 | * better to just send an error response and abort the coroutine and | |||
1563 | * let the client handle the error instead: we don't have | |||
1564 | * information to even log the request because it has not been | |||
1565 | * parsed yet at this stage. Even if there are other requests waiting | |||
1566 | * in the pipeline, this seems like the safer thing to do. */ | |||
1567 | request->conn->flags &= ~CONN_IS_KEEP_ALIVE; | |||
1568 | lwan_default_response(request, status); | |||
1569 | /* Let process_request_coro() gracefully close the connection. */ | |||
1570 | return; | |||
1571 | } | |||
1572 | ||||
1573 | status = parse_http_request(request); | |||
1574 | if (UNLIKELY(status != HTTP_OK)__builtin_expect(((status != HTTP_OK)), (0))) | |||
1575 | goto log_and_return; | |||
1576 | ||||
1577 | lookup_again: | |||
1578 | url_map = lwan_trie_lookup_prefix(&l->url_map_trie, request->url.value); | |||
1579 | if (UNLIKELY(!url_map)__builtin_expect(((!url_map)), (0))) { | |||
1580 | status = HTTP_NOT_FOUND; | |||
1581 | goto log_and_return; | |||
1582 | } | |||
1583 | ||||
1584 | status = prepare_for_response(url_map, request); | |||
1585 | if (UNLIKELY(status != HTTP_OK)__builtin_expect(((status != HTTP_OK)), (0))) | |||
1586 | goto log_and_return; | |||
1587 | ||||
1588 | status = url_map->handler(request, &request->response, url_map->data); | |||
1589 | if (UNLIKELY(url_map->flags & HANDLER_CAN_REWRITE_URL)__builtin_expect(((url_map->flags & HANDLER_CAN_REWRITE_URL )), (0))) { | |||
1590 | if (request->flags & RESPONSE_URL_REWRITTEN) { | |||
1591 | if (LIKELY(handle_rewrite(request))__builtin_expect((!!(handle_rewrite(request))), (1))) | |||
1592 | goto lookup_again; | |||
1593 | return; | |||
1594 | } | |||
1595 | } | |||
1596 | ||||
1597 | log_and_return: | |||
1598 | lwan_response(request, status); | |||
1599 | ||||
1600 | log_request(request, status, time_to_read_request, elapsed_time_ms(request_begin_time)); | |||
1601 | } | |||
1602 | ||||
1603 | static inline void * | |||
1604 | value_lookup(const struct lwan_key_value_array *array, const char *key) | |||
1605 | { | |||
1606 | const struct lwan_array *la = (const struct lwan_array *)array; | |||
1607 | ||||
1608 | if (LIKELY(la->elements)__builtin_expect((!!(la->elements)), (1))) { | |||
1609 | struct lwan_key_value k = { .key = (char *)key }; | |||
1610 | struct lwan_key_value *entry; | |||
1611 | ||||
1612 | entry = bsearch(&k, la->base, la->elements, sizeof(k), key_value_compare); | |||
1613 | if (LIKELY(entry)__builtin_expect((!!(entry)), (1))) | |||
1614 | return entry->value; | |||
1615 | } | |||
1616 | ||||
1617 | return NULL((void*)0); | |||
1618 | } | |||
1619 | ||||
1620 | const char *lwan_request_get_query_param(struct lwan_request *request, | |||
1621 | const char *key) | |||
1622 | { | |||
1623 | return value_lookup(lwan_request_get_query_params(request), key); | |||
1624 | } | |||
1625 | ||||
1626 | const char *lwan_request_get_post_param(struct lwan_request *request, | |||
1627 | const char *key) | |||
1628 | { | |||
1629 | return value_lookup(lwan_request_get_post_params(request), key); | |||
1630 | } | |||
1631 | ||||
1632 | const char *lwan_request_get_cookie(struct lwan_request *request, | |||
1633 | const char *key) | |||
1634 | { | |||
1635 | return value_lookup(lwan_request_get_cookies(request), key); | |||
1636 | } | |||
1637 | ||||
1638 | const char * | |||
1639 | lwan_request_get_header_from_helper(struct lwan_request_parser_helper *helper, | |||
1640 | const char *header) | |||
1641 | { | |||
1642 | const size_t header_len = strlen(header); | |||
1643 | const size_t header_len_with_separator = | |||
1644 | header_len + HEADER_VALUE_SEPARATOR_LEN(sizeof(": ") - 1); | |||
1645 | ||||
1646 | assert(strchr(header, ':') == NULL)((void) sizeof ((strchr(header, ':') == ((void*)0)) ? 1 : 0), __extension__ ({ if (strchr(header, ':') == ((void*)0)) ; else __assert_fail ("strchr(header, ':') == NULL", "/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1646, __extension__ __PRETTY_FUNCTION__); })); | |||
1647 | ||||
1648 | for (size_t i = 0; i < helper->n_header_start; i++) { | |||
1649 | const char *start = helper->header_start[i]; | |||
1650 | char *end = helper->header_start[i + 1] - HEADER_TERMINATOR_LEN(sizeof("\r\n") - 1); | |||
1651 | ||||
1652 | if (UNLIKELY((size_t)(end - start) < header_len_with_separator)__builtin_expect((((size_t)(end - start) < header_len_with_separator )), (0))) | |||
1653 | continue; | |||
1654 | ||||
1655 | STRING_SWITCH_SMALL (start + header_len)switch (string_as_uint16(start + header_len)) { | |||
1656 | case STR2_INT(':', ' ')((uint16_t)((':') | (' ') << 8)): | |||
1657 | if (!strncasecmp(start, header, header_len)) { | |||
1658 | *end = '\0'; | |||
1659 | return start + header_len_with_separator; | |||
1660 | } | |||
1661 | } | |||
1662 | } | |||
1663 | ||||
1664 | return NULL((void*)0); | |||
1665 | } | |||
1666 | ||||
1667 | inline const char *lwan_request_get_header(struct lwan_request *request, | |||
1668 | const char *header) | |||
1669 | { | |||
1670 | return lwan_request_get_header_from_helper(request->helper, header); | |||
1671 | } | |||
1672 | ||||
1673 | const char *lwan_request_get_host(struct lwan_request *request) | |||
1674 | { | |||
1675 | const struct lwan_request_parser_helper *helper = request->helper; | |||
1676 | ||||
1677 | return helper->host.len ? helper->host.value : NULL((void*)0); | |||
1678 | } | |||
1679 | ||||
1680 | ALWAYS_INLINEinline __attribute__((always_inline)) int | |||
1681 | lwan_connection_get_fd(const struct lwan *lwan, const struct lwan_connection *conn) | |||
1682 | { | |||
1683 | return (int)(intptr_t)(conn - lwan->conns); | |||
1684 | } | |||
1685 | ||||
1686 | const char * | |||
1687 | lwan_request_get_remote_address_and_port(struct lwan_request *request, | |||
1688 | char buffer[static INET6_ADDRSTRLEN46], | |||
1689 | uint16_t *port) | |||
1690 | { | |||
1691 | struct sockaddr_storage non_proxied_addr = {.ss_family = AF_UNSPEC0}; | |||
1692 | struct sockaddr_storage *sock_addr; | |||
1693 | ||||
1694 | *port = 0; | |||
1695 | ||||
1696 | if (request->flags & REQUEST_PROXIED) { | |||
1697 | sock_addr = (struct sockaddr_storage *)&request->proxy->from; | |||
1698 | ||||
1699 | if (UNLIKELY(sock_addr->ss_family == AF_UNSPEC)__builtin_expect(((sock_addr->ss_family == 0)), (0))) { | |||
1700 | static const char unspecified[] = "*unspecified*"; | |||
1701 | ||||
1702 | static_assert_Static_assert(sizeof(unspecified) <= INET6_ADDRSTRLEN46, | |||
1703 | "Enough space for unspecified address family"); | |||
1704 | return memcpy(buffer, unspecified, sizeof(unspecified)); | |||
1705 | } | |||
1706 | } else { | |||
1707 | socklen_t sock_len = sizeof(non_proxied_addr); | |||
1708 | ||||
1709 | sock_addr = &non_proxied_addr; | |||
1710 | ||||
1711 | if (UNLIKELY(getpeername(request->fd, (struct sockaddr *)sock_addr,__builtin_expect(((getpeername(request->fd, (struct sockaddr *)sock_addr, &sock_len) < 0)), (0)) | |||
1712 | &sock_len) < 0)__builtin_expect(((getpeername(request->fd, (struct sockaddr *)sock_addr, &sock_len) < 0)), (0))) { | |||
1713 | return NULL((void*)0); | |||
1714 | } | |||
1715 | } | |||
1716 | ||||
1717 | if (sock_addr->ss_family
| |||
1718 | struct sockaddr_in *sin = (struct sockaddr_in *)sock_addr; | |||
1719 | *port = ntohs(sin->sin_port); | |||
1720 | return inet_ntop(AF_INET2, &sin->sin_addr, buffer, INET6_ADDRSTRLEN46); | |||
1721 | } | |||
1722 | ||||
1723 | struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sock_addr; | |||
1724 | *port = ntohs(sin6->sin6_port); | |||
| ||||
1725 | return inet_ntop(AF_INET610, &sin6->sin6_addr, buffer, INET6_ADDRSTRLEN46); | |||
1726 | } | |||
1727 | ||||
1728 | const char * | |||
1729 | lwan_request_get_remote_address(struct lwan_request *request, | |||
1730 | char buffer[static INET6_ADDRSTRLEN46]) | |||
1731 | { | |||
1732 | uint16_t port; | |||
1733 | return lwan_request_get_remote_address_and_port(request, buffer, &port); | |||
1734 | } | |||
1735 | ||||
1736 | static void remove_sleep(void *data1, void *data2) | |||
1737 | { | |||
1738 | static const enum lwan_connection_flags suspended_sleep = | |||
1739 | CONN_SUSPENDED | CONN_HAS_REMOVE_SLEEP_DEFER; | |||
1740 | struct timeouts *wheel = data1; | |||
1741 | struct timeout *timeout = data2; | |||
1742 | struct lwan_request *request = | |||
1743 | container_of(timeout, struct lwan_request, timeout)((struct lwan_request *) ((char *)(timeout) - __builtin_offsetof (struct lwan_request, timeout)) + ((typeof(*(timeout)) *)0 != (typeof(((struct lwan_request *)0)->timeout) *)0)); | |||
1744 | ||||
1745 | if ((request->conn->flags & suspended_sleep) == suspended_sleep) | |||
1746 | timeouts_del(wheel, timeout); | |||
1747 | ||||
1748 | request->conn->flags &= ~CONN_HAS_REMOVE_SLEEP_DEFER; | |||
1749 | } | |||
1750 | ||||
1751 | void lwan_request_sleep(struct lwan_request *request, uint64_t ms) | |||
1752 | { | |||
1753 | struct lwan_connection *conn = request->conn; | |||
1754 | struct timeouts *wheel = conn->thread->wheel; | |||
1755 | struct timespec now; | |||
1756 | coro_deferred defer = -1; | |||
1757 | ||||
1758 | /* We need to update the timer wheel right now because | |||
1759 | * a request might have requested to sleep a long time | |||
1760 | * before it was being serviced -- causing the timeout | |||
1761 | * to essentially be a no-op. */ | |||
1762 | if (UNLIKELY(clock_gettime(monotonic_clock_id, &now) < 0)__builtin_expect(((clock_gettime(monotonic_clock_id, &now ) < 0)), (0))) | |||
1763 | lwan_status_critical("Could not get monotonic time")lwan_status_critical_debug("/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1763, __FUNCTION__, "Could not get monotonic time"); | |||
1764 | timeouts_update(wheel, (timeout_t)(now.tv_sec * 1000 + now.tv_nsec / 1000000)); | |||
1765 | ||||
1766 | request->timeout = (struct timeout) {}; | |||
1767 | timeouts_add(wheel, &request->timeout, ms); | |||
1768 | ||||
1769 | if (!(conn->flags & CONN_HAS_REMOVE_SLEEP_DEFER)) { | |||
1770 | defer = coro_defer2(conn->coro, remove_sleep, wheel, &request->timeout); | |||
1771 | conn->flags |= CONN_HAS_REMOVE_SLEEP_DEFER; | |||
1772 | } | |||
1773 | ||||
1774 | coro_yield(conn->coro, CONN_CORO_SUSPEND); | |||
1775 | ||||
1776 | if (defer > 0) | |||
1777 | coro_defer_fire_and_disarm(conn->coro, defer); | |||
1778 | } | |||
1779 | ||||
1780 | ALWAYS_INLINEinline __attribute__((always_inline)) int | |||
1781 | lwan_request_get_range(struct lwan_request *request, off_t *from, off_t *to) | |||
1782 | { | |||
1783 | struct lwan_request_parser_helper *helper = request->helper; | |||
1784 | ||||
1785 | if (!(request->flags & REQUEST_PARSED_RANGE)) { | |||
1786 | parse_range(helper); | |||
1787 | request->flags |= REQUEST_PARSED_RANGE; | |||
1788 | } | |||
1789 | ||||
1790 | if (LIKELY(helper->range.raw.len)__builtin_expect((!!(helper->range.raw.len)), (1))) { | |||
1791 | *from = helper->range.from; | |||
1792 | *to = helper->range.to; | |||
1793 | return 0; | |||
1794 | } | |||
1795 | ||||
1796 | return -ENOENT2; | |||
1797 | } | |||
1798 | ||||
1799 | ALWAYS_INLINEinline __attribute__((always_inline)) int | |||
1800 | lwan_request_get_if_modified_since(struct lwan_request *request, time_t *value) | |||
1801 | { | |||
1802 | struct lwan_request_parser_helper *helper = request->helper; | |||
1803 | ||||
1804 | if (!(request->flags & REQUEST_PARSED_IF_MODIFIED_SINCE)) { | |||
1805 | parse_if_modified_since(helper); | |||
1806 | request->flags |= REQUEST_PARSED_IF_MODIFIED_SINCE; | |||
1807 | } | |||
1808 | ||||
1809 | if (LIKELY(helper->if_modified_since.raw.len)__builtin_expect((!!(helper->if_modified_since.raw.len)), ( 1))) { | |||
1810 | *value = helper->if_modified_since.parsed; | |||
1811 | return 0; | |||
1812 | } | |||
1813 | ||||
1814 | return -ENOENT2; | |||
1815 | } | |||
1816 | ||||
1817 | ALWAYS_INLINEinline __attribute__((always_inline)) const struct lwan_value * | |||
1818 | lwan_request_get_request_body(struct lwan_request *request) | |||
1819 | { | |||
1820 | return &request->helper->body_data; | |||
1821 | } | |||
1822 | ||||
1823 | ALWAYS_INLINEinline __attribute__((always_inline)) const struct lwan_value * | |||
1824 | lwan_request_get_content_type(struct lwan_request *request) | |||
1825 | { | |||
1826 | return &request->helper->content_type; | |||
1827 | } | |||
1828 | ||||
1829 | ALWAYS_INLINEinline __attribute__((always_inline)) const struct lwan_key_value_array * | |||
1830 | lwan_request_get_cookies(struct lwan_request *request) | |||
1831 | { | |||
1832 | if (!(request->flags & REQUEST_PARSED_COOKIES)) { | |||
1833 | parse_cookies(request); | |||
1834 | request->flags |= REQUEST_PARSED_COOKIES; | |||
1835 | } | |||
1836 | ||||
1837 | return &request->helper->cookies; | |||
1838 | } | |||
1839 | ||||
1840 | ALWAYS_INLINEinline __attribute__((always_inline)) const struct lwan_key_value_array * | |||
1841 | lwan_request_get_query_params(struct lwan_request *request) | |||
1842 | { | |||
1843 | if (!(request->flags & REQUEST_PARSED_QUERY_STRING)) { | |||
1844 | parse_query_string(request); | |||
1845 | request->flags |= REQUEST_PARSED_QUERY_STRING; | |||
1846 | } | |||
1847 | ||||
1848 | return &request->helper->query_params; | |||
1849 | } | |||
1850 | ||||
1851 | ALWAYS_INLINEinline __attribute__((always_inline)) const struct lwan_key_value_array * | |||
1852 | lwan_request_get_post_params(struct lwan_request *request) | |||
1853 | { | |||
1854 | if (!(request->flags & REQUEST_PARSED_FORM_DATA)) { | |||
1855 | parse_form_data(request); | |||
1856 | request->flags |= REQUEST_PARSED_FORM_DATA; | |||
1857 | } | |||
1858 | ||||
1859 | return &request->helper->post_params; | |||
1860 | } | |||
1861 | ||||
1862 | ALWAYS_INLINEinline __attribute__((always_inline)) enum lwan_request_flags | |||
1863 | lwan_request_get_accept_encoding(struct lwan_request *request) | |||
1864 | { | |||
1865 | if (!(request->flags & REQUEST_PARSED_ACCEPT_ENCODING)) { | |||
1866 | parse_accept_encoding(request); | |||
1867 | request->flags |= REQUEST_PARSED_ACCEPT_ENCODING; | |||
1868 | } | |||
1869 | ||||
1870 | return request->flags & REQUEST_ACCEPT_MASK; | |||
1871 | } | |||
1872 | ||||
1873 | #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION | |||
1874 | static int useless_coro_for_fuzzing(struct coro *c __attribute__((unused)), | |||
1875 | void *data __attribute__((unused))) | |||
1876 | { | |||
1877 | return 0; | |||
1878 | } | |||
1879 | ||||
1880 | static bool_Bool request_seems_complete(struct lwan_request_parser_helper *helper) | |||
1881 | { | |||
1882 | return read_request_finalizer_from_helper(helper->buffer, helper, 1, | |||
1883 | false0) == FINALIZER_DONE; | |||
1884 | } | |||
1885 | ||||
1886 | __attribute__((used)) int fuzz_parse_http_request(const uint8_t *data, | |||
1887 | size_t length) | |||
1888 | { | |||
1889 | static struct coro_switcher switcher; | |||
1890 | static struct coro *coro; | |||
1891 | static char *header_start[N_HEADER_START64]; | |||
1892 | static char data_copy[32767] = {0}; | |||
1893 | ||||
1894 | if (length > sizeof(data_copy)) | |||
1895 | length = sizeof(data_copy); | |||
1896 | memcpy(data_copy, data, length); | |||
1897 | ||||
1898 | if (!coro) { | |||
1899 | coro = coro_new(&switcher, useless_coro_for_fuzzing, NULL((void*)0)); | |||
1900 | ||||
1901 | lwan_job_thread_init(); | |||
1902 | lwan_http_authorize_init(); | |||
1903 | } | |||
1904 | ||||
1905 | struct lwan_request_parser_helper helper = { | |||
1906 | .buffer = &(struct lwan_value){.value = data_copy, .len = length}, | |||
1907 | .header_start = header_start, | |||
1908 | .error_when_n_packets = 2, | |||
1909 | }; | |||
1910 | struct lwan_connection conn = {.coro = coro}; | |||
1911 | struct lwan_proxy proxy = {}; | |||
1912 | struct lwan_request request = { | |||
1913 | .helper = &helper, | |||
1914 | .conn = &conn, | |||
1915 | .flags = REQUEST_ALLOW_PROXY_REQS, | |||
1916 | .proxy = &proxy, | |||
1917 | }; | |||
1918 | ||||
1919 | /* If the finalizer isn't happy with a request, there's no point in | |||
1920 | * going any further with parsing it. */ | |||
1921 | if (!request_seems_complete(&helper)) | |||
1922 | return 0; | |||
1923 | ||||
1924 | /* client_read() NUL-terminates the string */ | |||
1925 | data_copy[length - 1] = '\0'; | |||
1926 | ||||
1927 | if (parse_http_request(&request) != HTTP_OK) | |||
1928 | return 0; | |||
1929 | ||||
1930 | off_t trash1; | |||
1931 | time_t trash2; | |||
1932 | char *trash3; | |||
1933 | size_t gen = coro_deferred_get_generation(coro); | |||
1934 | ||||
1935 | /* Only pointers were set in helper struct; actually parse them here. */ | |||
1936 | parse_accept_encoding(&request); | |||
1937 | ||||
1938 | /* Requesting these items will force them to be parsed, and also | |||
1939 | * exercise the lookup function. */ | |||
1940 | LWAN_NO_DISCARD(lwan_request_get_header(&request, "Non-Existing-Header"))do { __typeof__(lwan_request_get_header(&request, "Non-Existing-Header" )) no_discard_ = lwan_request_get_header(&request, "Non-Existing-Header" ); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1941 | ||||
1942 | /* Usually existing short header */ | |||
1943 | LWAN_NO_DISCARD(lwan_request_get_header(&request, "Host"))do { __typeof__(lwan_request_get_header(&request, "Host") ) no_discard_ = lwan_request_get_header(&request, "Host") ; __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1944 | ||||
1945 | LWAN_NO_DISCARD(lwan_request_get_cookie(&request, "Non-Existing-Cookie"))do { __typeof__(lwan_request_get_cookie(&request, "Non-Existing-Cookie" )) no_discard_ = lwan_request_get_cookie(&request, "Non-Existing-Cookie" ); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1946 | /* Set by some tests */ | |||
1947 | LWAN_NO_DISCARD(lwan_request_get_cookie(&request, "FOO"))do { __typeof__(lwan_request_get_cookie(&request, "FOO")) no_discard_ = lwan_request_get_cookie(&request, "FOO"); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1948 | ||||
1949 | LWAN_NO_DISCARD(do { __typeof__(lwan_request_get_query_param(&request, "Non-Existing-Query-Param" )) no_discard_ = lwan_request_get_query_param(&request, "Non-Existing-Query-Param" ); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0) | |||
1950 | lwan_request_get_query_param(&request, "Non-Existing-Query-Param"))do { __typeof__(lwan_request_get_query_param(&request, "Non-Existing-Query-Param" )) no_discard_ = lwan_request_get_query_param(&request, "Non-Existing-Query-Param" ); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1951 | ||||
1952 | LWAN_NO_DISCARD(do { __typeof__(lwan_request_get_post_param(&request, "Non-Existing-Post-Param" )) no_discard_ = lwan_request_get_post_param(&request, "Non-Existing-Post-Param" ); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0) | |||
1953 | lwan_request_get_post_param(&request, "Non-Existing-Post-Param"))do { __typeof__(lwan_request_get_post_param(&request, "Non-Existing-Post-Param" )) no_discard_ = lwan_request_get_post_param(&request, "Non-Existing-Post-Param" ); __asm__ __volatile__("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1954 | ||||
1955 | lwan_request_get_range(&request, &trash1, &trash1); | |||
1956 | LWAN_NO_DISCARD(trash1)do { __typeof__(trash1) no_discard_ = trash1; __asm__ __volatile__ ("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1957 | ||||
1958 | lwan_request_get_if_modified_since(&request, &trash2); | |||
1959 | LWAN_NO_DISCARD(trash2)do { __typeof__(trash2) no_discard_ = trash2; __asm__ __volatile__ ("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1960 | ||||
1961 | enum lwan_http_status handshake = | |||
1962 | prepare_websocket_handshake(&request, &trash3); | |||
1963 | LWAN_NO_DISCARD(trash3)do { __typeof__(trash3) no_discard_ = trash3; __asm__ __volatile__ ("" ::"g"(no_discard_) : "memory"); } while (0); | |||
1964 | if (handshake == HTTP_SWITCHING_PROTOCOLS) | |||
1965 | free(trash3); | |||
1966 | ||||
1967 | LWAN_NO_DISCARD(lwan_http_authorize(&request, "Fuzzy Realm", "/dev/null"))do { __typeof__(lwan_http_authorize(&request, "Fuzzy Realm" , "/dev/null")) no_discard_ = lwan_http_authorize(&request , "Fuzzy Realm", "/dev/null"); __asm__ __volatile__("" ::"g"( no_discard_) : "memory"); } while (0); | |||
1968 | ||||
1969 | coro_deferred_run(coro, gen); | |||
1970 | ||||
1971 | return 0; | |||
1972 | } | |||
1973 | #endif | |||
1974 | ||||
1975 | static inline int64_t | |||
1976 | make_async_yield_value(int fd, enum lwan_connection_coro_yield event) | |||
1977 | { | |||
1978 | return (int64_t)(((uint64_t)fd << 32 | event)); | |||
1979 | } | |||
1980 | ||||
1981 | static inline void async_await_fd(struct coro *coro, | |||
1982 | int fd, | |||
1983 | enum lwan_connection_coro_yield events) | |||
1984 | { | |||
1985 | assert(events >= CONN_CORO_ASYNC_AWAIT_READ &&((void) sizeof ((events >= CONN_CORO_ASYNC_AWAIT_READ && events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE) ? 1 : 0), __extension__ ({ if (events >= CONN_CORO_ASYNC_AWAIT_READ && events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE) ; else __assert_fail ("events >= CONN_CORO_ASYNC_AWAIT_READ && events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE" , "/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1986, __extension__ __PRETTY_FUNCTION__); })) | |||
1986 | events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE)((void) sizeof ((events >= CONN_CORO_ASYNC_AWAIT_READ && events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE) ? 1 : 0), __extension__ ({ if (events >= CONN_CORO_ASYNC_AWAIT_READ && events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE) ; else __assert_fail ("events >= CONN_CORO_ASYNC_AWAIT_READ && events <= CONN_CORO_ASYNC_AWAIT_READ_WRITE" , "/home/buildbot/lwan-worker/clang-analyze/build/src/lib/lwan-request.c" , 1986, __extension__ __PRETTY_FUNCTION__); })); | |||
1987 | ||||
1988 | return (void)coro_yield(coro, make_async_yield_value(fd, events)); | |||
1989 | } | |||
1990 | ||||
1991 | void lwan_request_await_read(struct lwan_request *r, int fd) | |||
1992 | { | |||
1993 | return async_await_fd(r->conn->coro, fd, CONN_CORO_ASYNC_AWAIT_READ); | |||
1994 | } | |||
1995 | ||||
1996 | void lwan_request_await_write(struct lwan_request *r, int fd) | |||
1997 | { | |||
1998 | return async_await_fd(r->conn->coro, fd, CONN_CORO_ASYNC_AWAIT_WRITE); | |||
1999 | } | |||
2000 | ||||
2001 | void lwan_request_await_read_write(struct lwan_request *r, int fd) | |||
2002 | { | |||
2003 | return async_await_fd(r->conn->coro, fd, CONN_CORO_ASYNC_AWAIT_READ_WRITE); | |||
2004 | } | |||
2005 | ||||
2006 | ssize_t lwan_request_async_read_flags( | |||
2007 | struct lwan_request *request, int fd, void *buf, size_t len, int flags) | |||
2008 | { | |||
2009 | while (true1) { | |||
2010 | ssize_t r = recv(fd, buf, len, MSG_DONTWAITMSG_DONTWAIT | MSG_NOSIGNALMSG_NOSIGNAL | flags); | |||
2011 | ||||
2012 | if (r < 0) { | |||
2013 | switch (errno(*__errno_location ())) { | |||
2014 | case EWOULDBLOCK11: | |||
2015 | lwan_request_await_read(request, fd); | |||
2016 | /* Fallthrough */ | |||
2017 | case EINTR4: | |||
2018 | continue; | |||
2019 | case EPIPE32: | |||
2020 | return -errno(*__errno_location ()); | |||
2021 | } | |||
2022 | } | |||
2023 | ||||
2024 | return r; | |||
2025 | } | |||
2026 | } | |||
2027 | ||||
2028 | ssize_t lwan_request_async_read(struct lwan_request *request, | |||
2029 | int fd, | |||
2030 | void *buf, | |||
2031 | size_t len) | |||
2032 | { | |||
2033 | return lwan_request_async_read_flags(request, fd, buf, len, 0); | |||
2034 | } | |||
2035 | ||||
2036 | ssize_t lwan_request_async_write(struct lwan_request *request, | |||
2037 | int fd, | |||
2038 | const void *buf, | |||
2039 | size_t len) | |||
2040 | { | |||
2041 | while (true1) { | |||
2042 | ssize_t r = send(fd, buf, len, MSG_DONTWAITMSG_DONTWAIT|MSG_NOSIGNALMSG_NOSIGNAL); | |||
2043 | ||||
2044 | if (r < 0) { | |||
2045 | switch (errno(*__errno_location ())) { | |||
2046 | case EWOULDBLOCK11: | |||
2047 | lwan_request_await_write(request, fd); | |||
2048 | /* Fallthrough */ | |||
2049 | case EINTR4: | |||
2050 | continue; | |||
2051 | case EPIPE32: | |||
2052 | return -errno(*__errno_location ()); | |||
2053 | } | |||
2054 | } | |||
2055 | ||||
2056 | return r; | |||
2057 | } | |||
2058 | } | |||
2059 | ||||
2060 | ssize_t lwan_request_async_writev(struct lwan_request *request, | |||
2061 | int fd, | |||
2062 | struct iovec *iov, | |||
2063 | int iov_count) | |||
2064 | { | |||
2065 | ssize_t total_written = 0; | |||
2066 | int curr_iov = 0; | |||
2067 | ||||
2068 | for (int tries = 10; tries;) { | |||
2069 | const int remaining_len = (int)(iov_count - curr_iov); | |||
2070 | ssize_t written; | |||
2071 | ||||
2072 | if (remaining_len == 1) { | |||
2073 | const struct iovec *vec = &iov[curr_iov]; | |||
2074 | return lwan_request_async_write(request, fd, vec->iov_base, | |||
2075 | vec->iov_len); | |||
2076 | } | |||
2077 | ||||
2078 | written = writev(fd, iov + curr_iov, (size_t)remaining_len); | |||
2079 | if (UNLIKELY(written < 0)__builtin_expect(((written < 0)), (0))) { | |||
2080 | /* FIXME: Consider short writes as another try as well? */ | |||
2081 | tries--; | |||
2082 | ||||
2083 | switch (errno(*__errno_location ())) { | |||
2084 | case EAGAIN11: | |||
2085 | case EINTR4: | |||
2086 | goto try_again; | |||
2087 | default: | |||
2088 | goto out; | |||
2089 | } | |||
2090 | } | |||
2091 | ||||
2092 | total_written += written; | |||
2093 | ||||
2094 | while (curr_iov < iov_count && | |||
2095 | written >= (ssize_t)iov[curr_iov].iov_len) { | |||
2096 | written -= (ssize_t)iov[curr_iov].iov_len; | |||
2097 | curr_iov++; | |||
2098 | } | |||
2099 | ||||
2100 | if (curr_iov == iov_count) | |||
2101 | return total_written; | |||
2102 | ||||
2103 | iov[curr_iov].iov_base = (char *)iov[curr_iov].iov_base + written; | |||
2104 | iov[curr_iov].iov_len -= (size_t)written; | |||
2105 | ||||
2106 | try_again: | |||
2107 | lwan_request_await_write(request, fd); | |||
2108 | } | |||
2109 | ||||
2110 | out: | |||
2111 | coro_yield(request->conn->coro, CONN_CORO_ABORT); | |||
2112 | __builtin_unreachable(); | |||
2113 | } | |||
2114 | ||||
2115 | void lwan_request_foreach_header_for_cgi(struct lwan_request *request, | |||
2116 | void (*cb)(const char *header_name, | |||
2117 | size_t header_len, | |||
2118 | const char *value, | |||
2119 | size_t value_len, | |||
2120 | void *user_data), | |||
2121 | void *user_data) | |||
2122 | { | |||
2123 | struct lwan_request_parser_helper *helper = request->helper; | |||
2124 | char **header_start = helper->header_start; | |||
2125 | size_t n_header_start = helper->n_header_start; | |||
2126 | ||||
2127 | for (size_t i = 0; i < n_header_start; i++) { | |||
2128 | const char *header = header_start[i]; | |||
2129 | const char *next_header = header_start[i + 1]; | |||
2130 | const char *colon = memchr(header, ':', 127 - sizeof("HTTP_: ") - 1); | |||
2131 | char header_name[128]; | |||
2132 | int r; | |||
2133 | ||||
2134 | if (!colon) | |||
2135 | continue; | |||
2136 | ||||
2137 | const size_t header_len = (size_t)(colon - header); | |||
2138 | const size_t value_len = (size_t)(next_header - colon - 4); | |||
2139 | ||||
2140 | r = snprintf(header_name, sizeof(header_name), "HTTP_%.*s", | |||
2141 | (int)header_len, header); | |||
2142 | if (r < 0 || r >= (int)sizeof(header_name)) | |||
2143 | continue; | |||
2144 | ||||
2145 | /* FIXME: RFC7230/RFC3875 compliance */ | |||
2146 | for (char *p = header_name; *p; p++) { | |||
2147 | if (isalpha(*p)((*__ctype_b_loc ())[(int) ((*p))] & (unsigned short int) _ISalpha)) | |||
2148 | *p &= ~0x20; | |||
2149 | else if (!isdigit(*p)((*__ctype_b_loc ())[(int) ((*p))] & (unsigned short int) _ISdigit)) | |||
2150 | *p = '_'; | |||
2151 | } | |||
2152 | ||||
2153 | if (streq(header_name, "HTTP_PROXY")) { | |||
2154 | /* Mitigation for https://httpoxy.org */ | |||
2155 | continue; | |||
2156 | } | |||
2157 | ||||
2158 | cb(header_name, header_len + sizeof("HTTP_") - 1, colon + 2, value_len, | |||
2159 | user_data); | |||
2160 | } | |||
2161 | } |