Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Xiph.Org
Icecast-Server
Commits
f349c3bf
Commit
f349c3bf
authored
Aug 11, 2002
by
Michael Smith
Browse files
More path handling cleanups, and memory leak fixes.
svn path=/trunk/icecast/; revision=3804
parent
850cf995
Changes
3
Hide whitespace changes
Inline
Side-by-side
src/connection.c
View file @
f349c3bf
...
...
@@ -344,7 +344,7 @@ static void *_handle_connection(void *arg)
int
bytes
;
struct
stat
statbuf
;
char
*
fullpath
;
char
*
uri
;
char
*
rawuri
,
*
uri
;
while
(
global
.
running
==
ICE_RUNNING
)
{
memset
(
header
,
0
,
4096
);
...
...
@@ -377,7 +377,17 @@ static void *_handle_connection(void *arg)
continue
;
}
uri
=
httpp_getvar
(
parser
,
HTTPP_VAR_URI
);
rawuri
=
httpp_getvar
(
parser
,
HTTPP_VAR_URI
);
uri
=
util_normalise_uri
(
rawuri
);
if
(
!
uri
)
{
client
=
client_create
(
con
,
parser
);
bytes
=
sock_write
(
client
->
con
->
sock
,
"HTTP/1.0 404 File Not Found
\r\n
Content-Type: text/html
\r\n\r\n
"
\
"<b>The path you requested was invalid.</b>
\r\n
"
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
client_destroy
(
client
);
continue
;
}
if
(
parser
->
req_type
==
httpp_req_source
)
{
INFO1
(
"Source logging in at mountpoint
\"
%s
\"
"
,
uri
);
...
...
@@ -387,6 +397,7 @@ static void *_handle_connection(void *arg)
INFO1
(
"Source (%s) attempted to login with bad password"
,
uri
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
continue
;
}
...
...
@@ -399,6 +410,7 @@ static void *_handle_connection(void *arg)
INFO1
(
"Source tried to log in as %s, but is already used"
,
uri
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
avl_tree_unlock
(
global
.
source_tree
);
continue
;
}
...
...
@@ -407,6 +419,7 @@ static void *_handle_connection(void *arg)
if
(
!
connection_create_source
(
con
,
parser
,
uri
))
{
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
}
continue
;
...
...
@@ -417,6 +430,7 @@ static void *_handle_connection(void *arg)
ERROR0
(
"Bad password for stats connection"
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
continue
;
}
...
...
@@ -428,7 +442,8 @@ static void *_handle_connection(void *arg)
stats
->
con
=
con
;
thread_create
(
"Stats Connection"
,
stats_connection
,
(
void
*
)
stats
,
THREAD_DETACHED
);
free
(
uri
);
continue
;
}
else
if
(
parser
->
req_type
==
httpp_req_play
||
parser
->
req_type
==
httpp_req_get
)
{
DEBUG0
(
"Client connected"
);
...
...
@@ -449,6 +464,7 @@ static void *_handle_connection(void *arg)
DEBUG0
(
"Stats request, sending xml stats"
);
stats_sendxml
(
client
);
client_destroy
(
client
);
free
(
uri
);
continue
;
}
...
...
@@ -456,8 +472,8 @@ static void *_handle_connection(void *arg)
** if the extension is .xsl, if so, then process
** this request as an XSLT request
*/
fullpath
=
util_get_path_from_uri
(
uri
);
if
(
fullpath
&&
util_check_valid_extension
(
fullpath
)
==
XSLT_CONTENT
)
{
fullpath
=
util_get_path_from_
normalised_
uri
(
uri
);
if
(
util_check_valid_extension
(
fullpath
)
==
XSLT_CONTENT
)
{
/* If the file exists, then transform it, otherwise, write a 404 error */
if
(
stat
(
fullpath
,
&
statbuf
)
==
0
)
{
DEBUG0
(
"Stats request, sending XSL transformed stats"
);
...
...
@@ -470,9 +486,12 @@ static void *_handle_connection(void *arg)
"<b>The file you requested could not be found.</b>
\r\n
"
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
}
free
(
fullpath
);
free
(
uri
);
client_destroy
(
client
);
continue
;
}
free
(
fullpath
);
if
(
strcmp
(
util_get_extension
(
uri
),
"m3u"
)
==
0
)
{
char
*
sourceuri
=
strdup
(
uri
);
...
...
@@ -496,6 +515,8 @@ static void *_handle_connection(void *arg)
}
avl_tree_unlock
(
global
.
source_tree
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
free
(
sourceuri
);
free
(
uri
);
client_destroy
(
client
);
continue
;
}
...
...
@@ -526,6 +547,7 @@ static void *_handle_connection(void *arg)
}
avl_tree_unlock
(
global
.
source_tree
);
}
free
(
uri
);
client_destroy
(
client
);
continue
;
}
...
...
@@ -540,6 +562,7 @@ static void *_handle_connection(void *arg)
}
client_destroy
(
client
);
global_unlock
();
free
(
uri
);
continue
;
}
global_unlock
();
...
...
@@ -557,6 +580,7 @@ static void *_handle_connection(void *arg)
"<b>The server is already full. Try again later.</b>
\r\n
"
);
if
(
bytes
>
0
)
client
->
con
->
sent_bytes
=
bytes
;
}
free
(
uri
);
client_destroy
(
client
);
global_unlock
();
continue
;
...
...
@@ -605,11 +629,13 @@ static void *_handle_connection(void *arg)
client_destroy
(
client
);
}
free
(
uri
);
continue
;
}
else
{
ERROR0
(
"Wrong request type from client"
);
connection_close
(
con
);
httpp_destroy
(
parser
);
free
(
uri
);
continue
;
}
}
else
{
...
...
src/util.c
View file @
f349c3bf
...
...
@@ -182,13 +182,39 @@ static int verify_path(char *path) {
return
1
;
}
char
*
util_get_path_from_uri
(
char
*
uri
)
{
char
*
path
=
util_normalise_uri
(
uri
);
char
*
fullpath
;
if
(
!
path
)
return
NULL
;
else
{
fullpath
=
util_get_path_from_normalised_uri
(
path
);
free
(
path
);
return
fullpath
;
}
}
char
*
util_get_path_from_normalised_uri
(
char
*
uri
)
{
char
*
fullpath
;
fullpath
=
malloc
(
strlen
(
uri
)
+
strlen
(
config_get_config
()
->
webroot_dir
)
+
1
);
strcpy
(
fullpath
,
config_get_config
()
->
webroot_dir
);
strcat
(
fullpath
,
uri
);
return
fullpath
;
}
/* Get an absolute path (from the webroot dir) from a URI. Return NULL if the
* path contains 'disallowed' sequences like foo/../ (which could be used to
* escape from the webroot) or if it cannot be URI-decoded.
* Caller should free the path.
*/
char
*
util_get_path_from_uri
(
char
*
uri
)
{
char
*
root
=
config_get_config
()
->
webroot_dir
;
char
*
util_normalise_uri
(
char
*
uri
)
{
int
urilen
=
strlen
(
uri
);
unsigned
char
*
path
;
char
*
dst
;
...
...
@@ -198,12 +224,9 @@ char *util_get_path_from_uri(char *uri) {
if
(
uri
[
0
]
!=
'/'
)
return
NULL
;
path
=
calloc
(
1
,
urilen
+
strlen
(
root
)
+
1
);
strcpy
(
path
,
root
);
dst
=
path
+
strlen
(
root
);
path
=
calloc
(
1
,
urilen
+
1
);
dst
=
path
;
for
(
i
=
0
;
i
<
urilen
;
i
++
)
{
switch
(
uri
[
i
])
{
...
...
@@ -236,8 +259,6 @@ char *util_get_path_from_uri(char *uri) {
break
;
}
DEBUG1
(
"After URI-decode path is
\"
%s
\"
"
,
path
);
*
dst
=
0
;
/* null terminator */
/* We now have a full URI-decoded path. Check it for allowability */
...
...
src/util.h
View file @
f349c3bf
...
...
@@ -9,5 +9,7 @@ int util_read_header(int sock, char *buff, unsigned long len);
int
util_check_valid_extension
(
char
*
uri
);
char
*
util_get_extension
(
char
*
path
);
char
*
util_get_path_from_uri
(
char
*
uri
);
char
*
util_get_path_from_normalised_uri
(
char
*
uri
);
char
*
util_normalise_uri
(
char
*
uri
);
#endif
/* __UTIL_H__ */
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment