1 /*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel (at) haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at https://curl.haxx.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 ***************************************************************************/ 22 23 #include "curl_setup.h" 24 25 #ifndef CURL_DISABLE_HTTP 26 27 #include "urldata.h" /* it includes http_chunks.h */ 28 #include "sendf.h" /* for the client write stuff */ 29 30 #include "content_encoding.h" 31 #include "http.h" 32 #include "non-ascii.h" /* for Curl_convert_to_network prototype */ 33 #include "strtoofft.h" 34 #include "warnless.h" 35 36 /* The last #include files should be: */ 37 #include "curl_memory.h" 38 #include "memdebug.h" 39 40 /* 41 * Chunk format (simplified): 42 * 43 * <HEX SIZE>[ chunk extension ] CRLF 44 * <DATA> CRLF 45 * 46 * Highlights from RFC2616 section 3.6 say: 47 48 The chunked encoding modifies the body of a message in order to 49 transfer it as a series of chunks, each with its own size indicator, 50 followed by an OPTIONAL trailer containing entity-header fields. This 51 allows dynamically produced content to be transferred along with the 52 information necessary for the recipient to verify that it has 53 received the full message. 54 55 Chunked-Body = *chunk 56 last-chunk 57 trailer 58 CRLF 59 60 chunk = chunk-size [ chunk-extension ] CRLF 61 chunk-data CRLF 62 chunk-size = 1*HEX 63 last-chunk = 1*("0") [ chunk-extension ] CRLF 64 65 chunk-extension= *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) 66 chunk-ext-name = token 67 chunk-ext-val = token | quoted-string 68 chunk-data = chunk-size(OCTET) 69 trailer = *(entity-header CRLF) 70 71 The chunk-size field is a string of hex digits indicating the size of 72 the chunk. The chunked encoding is ended by any chunk whose size is 73 zero, followed by the trailer, which is terminated by an empty line. 74 75 */ 76 77 /* Check for an ASCII hex digit. 78 We avoid the use of isxdigit to accommodate non-ASCII hosts. */ 79 static bool Curl_isxdigit(char digit) 80 { 81 return ( (digit >= 0x30 && digit <= 0x39) /* 0-9 */ 82 || (digit >= 0x41 && digit <= 0x46) /* A-F */ 83 || (digit >= 0x61 && digit <= 0x66) /* a-f */) ? TRUE : FALSE; 84 } 85 86 void Curl_httpchunk_init(struct connectdata *conn) 87 { 88 struct Curl_chunker *chunk = &conn->chunk; 89 chunk->hexindex=0; /* start at 0 */ 90 chunk->dataleft=0; /* no data left yet! */ 91 chunk->state = CHUNK_HEX; /* we get hex first! */ 92 } 93 94 /* 95 * chunk_read() returns a OK for normal operations, or a positive return code 96 * for errors. STOP means this sequence of chunks is complete. The 'wrote' 97 * argument is set to tell the caller how many bytes we actually passed to the 98 * client (for byte-counting and whatever). 99 * 100 * The states and the state-machine is further explained in the header file. 101 * 102 * This function always uses ASCII hex values to accommodate non-ASCII hosts. 103 * For example, 0x0d and 0x0a are used instead of '\r' and '\n'. 104 */ 105 CHUNKcode Curl_httpchunk_read(struct connectdata *conn, 106 char *datap, 107 ssize_t datalen, 108 ssize_t *wrotep) 109 { 110 CURLcode result=CURLE_OK; 111 struct Curl_easy *data = conn->data; 112 struct Curl_chunker *ch = &conn->chunk; 113 struct SingleRequest *k = &data->req; 114 size_t piece; 115 curl_off_t length = (curl_off_t)datalen; 116 size_t *wrote = (size_t *)wrotep; 117 118 *wrote = 0; /* nothing's written yet */ 119 120 /* the original data is written to the client, but we go on with the 121 chunk read process, to properly calculate the content length*/ 122 if(data->set.http_te_skip && !k->ignorebody) { 123 result = Curl_client_write(conn, CLIENTWRITE_BODY, datap, datalen); 124 if(result) 125 return CHUNKE_WRITE_ERROR; 126 } 127 128 while(length) { 129 switch(ch->state) { 130 case CHUNK_HEX: 131 if(Curl_isxdigit(*datap)) { 132 if(ch->hexindex < MAXNUM_SIZE) { 133 ch->hexbuffer[ch->hexindex] = *datap; 134 datap++; 135 length--; 136 ch->hexindex++; 137 } 138 else { 139 return CHUNKE_TOO_LONG_HEX; /* longer hex than we support */ 140 } 141 } 142 else { 143 char *endptr; 144 if(0 == ch->hexindex) 145 /* This is illegal data, we received junk where we expected 146 a hexadecimal digit. */ 147 return CHUNKE_ILLEGAL_HEX; 148 149 /* length and datap are unmodified */ 150 ch->hexbuffer[ch->hexindex]=0; 151 152 /* convert to host encoding before calling strtoul */ 153 result = Curl_convert_from_network(conn->data, ch->hexbuffer, 154 ch->hexindex); 155 if(result) { 156 /* Curl_convert_from_network calls failf if unsuccessful */ 157 /* Treat it as a bad hex character */ 158 return CHUNKE_ILLEGAL_HEX; 159 } 160 161 ch->datasize=curlx_strtoofft(ch->hexbuffer, &endptr, 16); 162 if((ch->datasize == CURL_OFF_T_MAX) && (errno == ERANGE)) 163 /* overflow is an error */ 164 return CHUNKE_ILLEGAL_HEX; 165 ch->state = CHUNK_LF; /* now wait for the CRLF */ 166 } 167 break; 168 169 case CHUNK_LF: 170 /* waiting for the LF after a chunk size */ 171 if(*datap == 0x0a) { 172 /* we're now expecting data to come, unless size was zero! */ 173 if(0 == ch->datasize) { 174 ch->state = CHUNK_TRAILER; /* now check for trailers */ 175 conn->trlPos=0; 176 } 177 else 178 ch->state = CHUNK_DATA; 179 } 180 181 datap++; 182 length--; 183 break; 184 185 case CHUNK_DATA: 186 /* We expect 'datasize' of data. We have 'length' right now, it can be 187 more or less than 'datasize'. Get the smallest piece. 188 */ 189 piece = curlx_sotouz((ch->datasize >= length)?length:ch->datasize); 190 191 /* Write the data portion available */ 192 #ifdef HAVE_LIBZ 193 switch (conn->data->set.http_ce_skip? 194 IDENTITY : data->req.auto_decoding) { 195 case IDENTITY: 196 #endif 197 if(!k->ignorebody) { 198 if(!data->set.http_te_skip) 199 result = Curl_client_write(conn, CLIENTWRITE_BODY, datap, 200 piece); 201 else 202 result = CURLE_OK; 203 } 204 #ifdef HAVE_LIBZ 205 break; 206 207 case DEFLATE: 208 /* update data->req.keep.str to point to the chunk data. */ 209 data->req.str = datap; 210 result = Curl_unencode_deflate_write(conn, &data->req, 211 (ssize_t)piece); 212 break; 213 214 case GZIP: 215 /* update data->req.keep.str to point to the chunk data. */ 216 data->req.str = datap; 217 result = Curl_unencode_gzip_write(conn, &data->req, 218 (ssize_t)piece); 219 break; 220 221 default: 222 failf (conn->data, 223 "Unrecognized content encoding type. " 224 "libcurl understands `identity', `deflate' and `gzip' " 225 "content encodings."); 226 return CHUNKE_BAD_ENCODING; 227 } 228 #endif 229 230 if(result) 231 return CHUNKE_WRITE_ERROR; 232 233 *wrote += piece; 234 235 ch->datasize -= piece; /* decrease amount left to expect */ 236 datap += piece; /* move read pointer forward */ 237 length -= piece; /* decrease space left in this round */ 238 239 if(0 == ch->datasize) 240 /* end of data this round, we now expect a trailing CRLF */ 241 ch->state = CHUNK_POSTLF; 242 break; 243 244 case CHUNK_POSTLF: 245 if(*datap == 0x0a) { 246 /* The last one before we go back to hex state and start all over. */ 247 Curl_httpchunk_init(conn); /* sets state back to CHUNK_HEX */ 248 } 249 else if(*datap != 0x0d) 250 return CHUNKE_BAD_CHUNK; 251 datap++; 252 length--; 253 break; 254 255 case CHUNK_TRAILER: 256 if((*datap == 0x0d) || (*datap == 0x0a)) { 257 /* this is the end of a trailer, but if the trailer was zero bytes 258 there was no trailer and we move on */ 259 260 if(conn->trlPos) { 261 /* we allocate trailer with 3 bytes extra room to fit this */ 262 conn->trailer[conn->trlPos++]=0x0d; 263 conn->trailer[conn->trlPos++]=0x0a; 264 conn->trailer[conn->trlPos]=0; 265 266 /* Convert to host encoding before calling Curl_client_write */ 267 result = Curl_convert_from_network(conn->data, conn->trailer, 268 conn->trlPos); 269 if(result) 270 /* Curl_convert_from_network calls failf if unsuccessful */ 271 /* Treat it as a bad chunk */ 272 return CHUNKE_BAD_CHUNK; 273 274 if(!data->set.http_te_skip) { 275 result = Curl_client_write(conn, CLIENTWRITE_HEADER, 276 conn->trailer, conn->trlPos); 277 if(result) 278 return CHUNKE_WRITE_ERROR; 279 } 280 conn->trlPos=0; 281 ch->state = CHUNK_TRAILER_CR; 282 if(*datap == 0x0a) 283 /* already on the LF */ 284 break; 285 } 286 else { 287 /* no trailer, we're on the final CRLF pair */ 288 ch->state = CHUNK_TRAILER_POSTCR; 289 break; /* don't advance the pointer */ 290 } 291 } 292 else { 293 /* conn->trailer is assumed to be freed in url.c on a 294 connection basis */ 295 if(conn->trlPos >= conn->trlMax) { 296 /* we always allocate three extra bytes, just because when the full 297 header has been received we append CRLF\0 */ 298 char *ptr; 299 if(conn->trlMax) { 300 conn->trlMax *= 2; 301 ptr = realloc(conn->trailer, conn->trlMax + 3); 302 } 303 else { 304 conn->trlMax=128; 305 ptr = malloc(conn->trlMax + 3); 306 } 307 if(!ptr) 308 return CHUNKE_OUT_OF_MEMORY; 309 conn->trailer = ptr; 310 } 311 conn->trailer[conn->trlPos++]=*datap; 312 } 313 datap++; 314 length--; 315 break; 316 317 case CHUNK_TRAILER_CR: 318 if(*datap == 0x0a) { 319 ch->state = CHUNK_TRAILER_POSTCR; 320 datap++; 321 length--; 322 } 323 else 324 return CHUNKE_BAD_CHUNK; 325 break; 326 327 case CHUNK_TRAILER_POSTCR: 328 /* We enter this state when a CR should arrive so we expect to 329 have to first pass a CR before we wait for LF */ 330 if((*datap != 0x0d) && (*datap != 0x0a)) { 331 /* not a CR then it must be another header in the trailer */ 332 ch->state = CHUNK_TRAILER; 333 break; 334 } 335 if(*datap == 0x0d) { 336 /* skip if CR */ 337 datap++; 338 length--; 339 } 340 /* now wait for the final LF */ 341 ch->state = CHUNK_STOP; 342 break; 343 344 case CHUNK_STOP: 345 if(*datap == 0x0a) { 346 length--; 347 348 /* Record the length of any data left in the end of the buffer 349 even if there's no more chunks to read */ 350 ch->dataleft = curlx_sotouz(length); 351 352 return CHUNKE_STOP; /* return stop */ 353 } 354 else 355 return CHUNKE_BAD_CHUNK; 356 } 357 } 358 return CHUNKE_OK; 359 } 360 361 const char *Curl_chunked_strerror(CHUNKcode code) 362 { 363 switch (code) { 364 default: 365 return "OK"; 366 case CHUNKE_TOO_LONG_HEX: 367 return "Too long hexadecimal number"; 368 case CHUNKE_ILLEGAL_HEX: 369 return "Illegal or missing hexadecimal sequence"; 370 case CHUNKE_BAD_CHUNK: 371 return "Malformed encoding found"; 372 case CHUNKE_WRITE_ERROR: 373 return "Write error"; 374 case CHUNKE_BAD_ENCODING: 375 return "Bad content-encoding found"; 376 case CHUNKE_OUT_OF_MEMORY: 377 return "Out of memory"; 378 } 379 } 380 381 #endif /* CURL_DISABLE_HTTP */ 382