Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Icecast-Server
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
94
Issues
94
List
Boards
Labels
Service Desk
Milestones
Merge Requests
1
Merge Requests
1
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
External Wiki
External Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Xiph.Org
Icecast-Server
Commits
f349c3bf
Commit
f349c3bf
authored
Aug 11, 2002
by
Michael Smith
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
More path handling cleanups, and memory leak fixes.
svn path=/trunk/icecast/; revision=3804
parent
850cf995
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
63 additions
and
14 deletions
+63
-14
src/connection.c
src/connection.c
+31
-5
src/util.c
src/util.c
+30
-9
src/util.h
src/util.h
+2
-0
No files found.
src/connection.c
View file @
f349c3bf
...
...
@@ -344,7 +344,7 @@ static void *_handle_connection(void *arg)
int
bytes
;
struct
stat
statbuf
;
char
*
fullpath
;
char
*
uri
;
char
*
rawuri
,
*
uri
;
while
(
global
.
running
==
ICE_RUNNING
)
{
memset
(
header
,
0
,
4096
);
...
...
@@ -377,7 +377,17 @@ static void *_handle_connection(void *arg)
continue
;
}
uri
=
httpp_getvar
(
parser
,
HTTPP_VAR_URI
);
rawuri
=
httpp_getvar
(
parser
,
HTTPP_VAR_URI
);
uri
=
util_normalise_uri
(
rawuri
);
if
(
!
uri
)
{
client
=
client_create
(
con
,
parser
);
bytes
=
sock_write
(
client
->
con
->
sock
,
"HTTP/1.0 404 File Not Found
\r\n
Content-Type: text/html
\r\n\r\n
"
\
"<b>The path you requested was invalid.</b>
\r\n
"
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
client_destroy
(
client
);
continue
;
}
if
(
parser
->
req_type
==
httpp_req_source
)
{
INFO1
(
"Source logging in at mountpoint
\"
%s
\"
"
,
uri
);
...
...
@@ -387,6 +397,7 @@ static void *_handle_connection(void *arg)
INFO1
(
"Source (%s) attempted to login with bad password"
,
uri
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
continue
;
}
...
...
@@ -399,6 +410,7 @@ static void *_handle_connection(void *arg)
INFO1
(
"Source tried to log in as %s, but is already used"
,
uri
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
avl_tree_unlock
(
global
.
source_tree
);
continue
;
}
...
...
@@ -407,6 +419,7 @@ static void *_handle_connection(void *arg)
if
(
!
connection_create_source
(
con
,
parser
,
uri
))
{
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
}
continue
;
...
...
@@ -417,6 +430,7 @@ static void *_handle_connection(void *arg)
ERROR0
(
"Bad password for stats connection"
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
continue
;
}
...
...
@@ -428,7 +442,8 @@ static void *_handle_connection(void *arg)
stats
->
con
=
con
;
thread_create
(
"Stats Connection"
,
stats_connection
,
(
void
*
)
stats
,
THREAD_DETACHED
);
free
(
uri
);
continue
;
}
else
if
(
parser
->
req_type
==
httpp_req_play
||
parser
->
req_type
==
httpp_req_get
)
{
DEBUG0
(
"Client connected"
);
...
...
@@ -449,6 +464,7 @@ static void *_handle_connection(void *arg)
DEBUG0
(
"Stats request, sending xml stats"
);
stats_sendxml
(
client
);
client_destroy
(
client
);
free
(
uri
);
continue
;
}
...
...
@@ -456,8 +472,8 @@ static void *_handle_connection(void *arg)
** if the extension is .xsl, if so, then process
** this request as an XSLT request
*/
fullpath
=
util_get_path_from_uri
(
uri
);
if
(
fullpath
&&
util_check_valid_extension
(
fullpath
)
==
XSLT_CONTENT
)
{
fullpath
=
util_get_path_from_
normalised_
uri
(
uri
);
if
(
util_check_valid_extension
(
fullpath
)
==
XSLT_CONTENT
)
{
/* If the file exists, then transform it, otherwise, write a 404 error */
if
(
stat
(
fullpath
,
&
statbuf
)
==
0
)
{
DEBUG0
(
"Stats request, sending XSL transformed stats"
);
...
...
@@ -470,9 +486,12 @@ static void *_handle_connection(void *arg)
"<b>The file you requested could not be found.</b>
\r\n
"
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
}
free
(
fullpath
);
free
(
uri
);
client_destroy
(
client
);
continue
;
}
free
(
fullpath
);
if
(
strcmp
(
util_get_extension
(
uri
),
"m3u"
)
==
0
)
{
char
*
sourceuri
=
strdup
(
uri
);
...
...
@@ -496,6 +515,8 @@ static void *_handle_connection(void *arg)
}
avl_tree_unlock
(
global
.
source_tree
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
free
(
sourceuri
);
free
(
uri
);
client_destroy
(
client
);
continue
;
}
...
...
@@ -526,6 +547,7 @@ static void *_handle_connection(void *arg)
}
avl_tree_unlock
(
global
.
source_tree
);
}
free
(
uri
);
client_destroy
(
client
);
continue
;
}
...
...
@@ -540,6 +562,7 @@ static void *_handle_connection(void *arg)
}
client_destroy
(
client
);
global_unlock
();
free
(
uri
);
continue
;
}
global_unlock
();
...
...
@@ -557,6 +580,7 @@ static void *_handle_connection(void *arg)
"<b>The server is already full. Try again later.</b>
\r\n
"
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
}
free
(
uri
);
client_destroy
(
client
);
global_unlock
();
continue
;
...
...
@@ -605,11 +629,13 @@ static void *_handle_connection(void *arg)
client_destroy
(
client
);
}
free
(
uri
);
continue
;
}
else
{
ERROR0
(
"Wrong request type from client"
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
continue
;
}
}
else
{
...
...
src/util.c
View file @
f349c3bf
...
...
@@ -182,13 +182,39 @@ static int verify_path(char *path) {
return
1
;
}
char
*
util_get_path_from_uri
(
char
*
uri
)
{
char
*
path
=
util_normalise_uri
(
uri
);
char
*
fullpath
;
if
(
!
path
)
return
NULL
;
else
{
fullpath
=
util_get_path_from_normalised_uri
(
path
);
free
(
path
);
return
fullpath
;
}
}
char
*
util_get_path_from_normalised_uri
(
char
*
uri
)
{
char
*
fullpath
;
fullpath
=
malloc
(
strlen
(
uri
)
+
strlen
(
config_get_config
()
->
webroot_dir
)
+
1
);
strcpy
(
fullpath
,
config_get_config
()
->
webroot_dir
);
strcat
(
fullpath
,
uri
);
return
fullpath
;
}
/* Get an absolute path (from the webroot dir) from a URI. Return NULL if the
* path contains 'disallowed' sequences like foo/../ (which could be used to
* escape from the webroot) or if it cannot be URI-decoded.
* Caller should free the path.
*/
char
*
util_get_path_from_uri
(
char
*
uri
)
{
char
*
root
=
config_get_config
()
->
webroot_dir
;
char
*
util_normalise_uri
(
char
*
uri
)
{
int
urilen
=
strlen
(
uri
);
unsigned
char
*
path
;
char
*
dst
;
...
...
@@ -198,12 +224,9 @@ char *util_get_path_from_uri(char *uri) {
if
(
uri
[
0
]
!=
'/'
)
return
NULL
;
path
=
calloc
(
1
,
urilen
+
strlen
(
root
)
+
1
);
strcpy
(
path
,
root
);
dst
=
path
+
strlen
(
root
);
path
=
calloc
(
1
,
urilen
+
1
);
dst
=
path
;
for
(
i
=
0
;
i
<
urilen
;
i
++
)
{
switch
(
uri
[
i
])
{
...
...
@@ -236,8 +259,6 @@ char *util_get_path_from_uri(char *uri) {
break
;
}
DEBUG1
(
"After URI-decode path is
\"
%s
\"
"
,
path
);
*
dst
=
0
;
/* null terminator */
/* We now have a full URI-decoded path. Check it for allowability */
...
...
src/util.h
View file @
f349c3bf
...
...
@@ -9,5 +9,7 @@ int util_read_header(int sock, char *buff, unsigned long len);
int
util_check_valid_extension
(
char
*
uri
);
char
*
util_get_extension
(
char
*
path
);
char
*
util_get_path_from_uri
(
char
*
uri
);
char
*
util_get_path_from_normalised_uri
(
char
*
uri
);
char
*
util_normalise_uri
(
char
*
uri
);
#endif
/* __UTIL_H__ */
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment