[sr-dev] git:master: modules/utils: added check on size of http_query reply

[Juha Heinanen]

Module: sip-router
Branch: master
Commit: 1ba4916a601b9be89507b7b1d3f3f583ca40a6eb
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=1ba4916a601b9be89507b7b1d3f3f583ca40a6eb

Author: Juha Heinanen <jh at tutpro.com>
Committer: Juha Heinanen <jh at tutpro.com>
Date:   Fri Jul 24 19:10:23 2009 +0300

modules/utils: added check on size of http_query reply

- Added check on actual size of http_query reply body that fixes possible
  crash if body does not contain a linefeed.
- If body does not contain a linefeed, return whole body as result.

---

 modules/utils/functions.c |   10 ++++++++--
 1 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/modules/utils/functions.c b/modules/utils/functions.c
index d042c71..10cf61c 100644
--- a/modules/utils/functions.c
+++ b/modules/utils/functions.c
@@ -73,6 +73,7 @@ int http_query(struct sip_msg* _m, char* _url, char* _dst)
     long stat;
     pv_spec_t *dst;
     pv_value_t val;
+    double download_size;
 
     if (fixup_get_svalue(_m, (gparam_p)_url, &value) != 0) {
 	LM_ERR("cannot get page value\n");
@@ -113,12 +114,17 @@ int http_query(struct sip_msg* _m, char* _url, char* _dst)
 
     curl_easy_getinfo(curl, CURLINFO_HTTP_CODE, &stat);
     if ((stat >= 200) && (stat < 400)) {
-	at = index(stream, (char)10);  /* search for line feed */
+	curl_easy_getinfo(curl, CURLINFO_SIZE_DOWNLOAD, &download_size);
+	LM_DBG("http_query download size: %u\n", (unsigned int)download_size);
+	/* search for line feed */
+	at = memchr(stream, (char)10, download_size);
 	if (at == NULL) {
-	    at = stream;  /* set empty string */
+	    /* not found: use whole stream */
+	    at = stream + (unsigned int)download_size;
 	}
 	val.rs.s = stream;
 	val.rs.len = at - stream;
+	LM_DBG("http)query result: %.*s\n", val.rs.len, val.rs.s);
 	val.flags = PV_VAL_STR;
 	dst = (pv_spec_t *)_dst;
 	dst->setf(_m, &dst->pvp, (int)EQ_T, &val);