Date: Wed, 15 Aug 2001 03:07:00 -0700 (PDT) From: Eugene Grosbein <eugen@svzserv.kemerovo.su> To: freebsd-gnats-submit@FreeBSD.org Subject: bin/29725: [PATCH] Fixed segmentation fault in simple_httpd and some other bugfixes Message-ID: <200108151007.f7FA70076311@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 29725
>Category: bin
>Synopsis: [PATCH] Fixed segmentation fault in simple_httpd and some other bugfixes
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 15 03:10:17 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 3.5-STABLE (the same applies to FreeBSD 4.3-STABLE and 5.0-CURRENT)
>Organization:
Svyaz-Service JSC
>Environment:
FreeBSD www.svzserv.kemerovo.su 3.5-STABLE FreeBSD 3.5-STABLE #0: Tue Aug 7 09:59:15 KRAST
2001 eu@www.svzserv.kemerovo.su:/home3/src/sys/compile/WWW i386
>Description:
This PR fixes some bugs in /usr/src/release/picobsd/simple_httpd
and tries to clean up code.
* Fixed segmentation fault when serving request of
file without '.' in the name. Added file mime_t.h introducing
array mime_type[][] for mapping of file extentions to mime types
and string default_mime_type for unknown/missing extentions.
* The 'Content-length' header prepared but not sent - fixed.
* Fixed format string in init_servconnection() - missing "%d" added.
* Fixed format string for value of type off_t in http_request() -
"%d" replaced with "%lld"
* Commented out unused variables ld, http1, msg in http_request()
* Commented out unused variables bflad, fd, lg in main()
>How-To-Repeat:
Build, configure and run simple_httpd.
Connect to it using telnet and try to 'GET' a file with an extention -
you will get no 'Content-length' header in the reply.
Try to 'GET' a file with no extention - you will get no file
and coredump of simple_httpd.
>Fix:
There are a patch for simple_httpd.c and new file mime_t.h for
including into tree. Feel free editing there but please commit fixes
for bugs.
/* start of mime_t.h */
#ifndef _MIME_T
#define _MIME_T
const char* default_mime_type = "application/octet-stream";
const char* mime_type[][2] = {
{ "txt", "text/plain" },
{ "htm", "text/html" },
{ "html", "text/html" },
{ "gif", "image/gif" },
{ "jpg", "image/jpeg" },
{ "mp3", "audio/mpeg" }
};
const int mime_type_max = sizeof(mime_type) / sizeof(mime_type[0]) - 1;
#endif
/* end of mime_t.h */
Here is a patch for simple_httpd.c from my local repository:
diff -u -r1.1.1.1 -r1.9
--- simple_httpd.c 2001/08/15 04:09:38 1.1.1.1
+++ simple_httpd.c 2001/08/15 09:32:34 1.9
@@ -47,6 +47,8 @@
#include <time.h>
#include <unistd.h>
+#include "mime_t.h"
+
int http_port = 80;
int daemonize = 1;
int verbose = 0;
@@ -99,7 +101,7 @@
perror("bind socket");
exit(1);
}
- if (verbose) printf("simple_httpd\n",http_port);
+ if (verbose) printf("simple_httpd:%d\n",http_port);
}
/*
@@ -191,14 +193,15 @@
*/
http_request()
{
- int fd, lg, ld, i;
+ int fd, lg, /*ld,*/ i;
int cmd = 0;
- int http1 = 0;
+/* int http1 = 0; */
char *p, *par;
char *filename, *c;
+ size_t fname_len;
struct stat file_status;
char req[1024];
- char msg[1024];
+/* char msg[1024]; */
char buff[8192];
lg = read(con_sock, req, 1024);
@@ -231,10 +234,13 @@
c = strtok(NULL, " ");
if (fetch_mode[0] != NULL) strcpy(filename,fetch_mode);
- if (filename == NULL ||
- strlen(filename)==1) filename="/index.html";
+ fname_len=strlen(filename);
+ if (filename == NULL || fname_len == 1) {
+ filename="/index.html";
+ fname_len=11;
+ }
- while (filename[0]== '/') filename++;
+ while (filename[0]== '/') { filename++; fname_len--; }
/* CGI handling. Untested */
if (!strncmp(filename,"cgi-bin/",8))
@@ -243,6 +249,7 @@
if (par=strstr(filename,"?"))
{
*par=0;
+/* fname_len=par-filename; // not used but note to the future */
par++;
}
if (access(filename,X_OK)) goto conti;
@@ -309,23 +316,22 @@
http_output(httpd_server_ident);
http_date();
- sprintf(buff, "Content-length: %d\r\n", file_status.st_size);
-
- if (strstr(filename,".txt")) {
- strcpy(buff,"Content-type: text/plain\r\n");
- } else if (strstr(filename,".html") || strstr(filename,".htm")) {
- strcpy(buff,"Content-type: text/html\r\n");
- } else if (strstr(filename,".gif")) {
- strcpy(buff,"Content-type: image/gif\r\n");
- } else if (strstr(filename,".jpg")) {
- strcpy(buff,"Content-type: image/jpeg\r\n");
- } else {
- /* Take a guess at content if we don't have something already */
- strcpy(buff,"Content-type: ");
- strcat(buff,strstr(filename,".")+1);
- strcat(buff,"\r\n");
- }
+ sprintf(buff, "Content-length: %lld\r\n", file_status.st_size);
write(con_sock, buff, strlen(buff));
+
+ strcpy(buff,"Content-type: ");
+ i=-1;
+ if (strchr(filename,'.'))
+ for (i=mime_type_max; i>=0; i--) /* file has an extention */
+ if ((c=strstr(filename,mime_type[i][0])))
+ if (filename+fname_len==c+strlen(mime_type[i][0])) {
+ strcat(buff,mime_type[i][1]);
+ break;
+ }
+
+ if (i<0) /* extention is unknown */
+ strcat(buff,default_mime_type); /* or file has no extention */
+ http_output(buff);
strftime(buff, 50, "Last-Modified: %a, %d %h %Y %H:%M:%S %Z\r\n\r\n",
gmtime(&file_status.st_mtime));
write(con_sock, buff, strlen(buff));
@@ -351,8 +357,8 @@
{
extern char *optarg;
extern int optind;
- int bflag, ch, fd, ld;
- int lg;
+ int /*bflag,*/ ch, /*fd,*/ ld;
+/* int lg; */
int httpd_group = 65534;
pid_t server_pid;
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108151007.f7FA70076311>