cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone

Blame SOURCES/kvm-block-curl-HTTP-header-fields-allow-whitespace-aroun.patch

77c23f
From e5ac775de83d3d22f13c74ab198780b8b579f684 Mon Sep 17 00:00:00 2001
77c23f
From: Richard Jones <rjones@redhat.com>
77c23f
Date: Thu, 28 May 2020 14:27:36 +0100
77c23f
Subject: [PATCH 02/26] block/curl: HTTP header fields allow whitespace around
77c23f
 values
77c23f
77c23f
RH-Author: Richard Jones <rjones@redhat.com>
77c23f
Message-id: <20200528142737.17318-2-rjones@redhat.com>
77c23f
Patchwork-id: 96894
77c23f
O-Subject: [RHEL-AV-8.2.1 qemu-kvm PATCH 1/2] block/curl: HTTP header fields allow whitespace around values
77c23f
Bugzilla: 1841038
77c23f
RH-Acked-by: Eric Blake <eblake@redhat.com>
77c23f
RH-Acked-by: Max Reitz <mreitz@redhat.com>
77c23f
RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
77c23f
77c23f
From: David Edmondson <david.edmondson@oracle.com>
77c23f
77c23f
RFC 7230 section 3.2 indicates that whitespace is permitted between
77c23f
the field name and field value and after the field value.
77c23f
77c23f
Signed-off-by: David Edmondson <david.edmondson@oracle.com>
77c23f
Message-Id: <20200224101310.101169-2-david.edmondson@oracle.com>
77c23f
Reviewed-by: Max Reitz <mreitz@redhat.com>
77c23f
Signed-off-by: Max Reitz <mreitz@redhat.com>
77c23f
(cherry picked from commit 7788a319399f17476ff1dd43164c869e320820a2)
77c23f
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
77c23f
---
77c23f
 block/curl.c | 31 +++++++++++++++++++++++++++----
77c23f
 1 file changed, 27 insertions(+), 4 deletions(-)
77c23f
77c23f
diff --git a/block/curl.c b/block/curl.c
77c23f
index f862993..f9ffb7f 100644
77c23f
--- a/block/curl.c
77c23f
+++ b/block/curl.c
77c23f
@@ -214,11 +214,34 @@ static size_t curl_header_cb(void *ptr, size_t size, size_t nmemb, void *opaque)
77c23f
 {
77c23f
     BDRVCURLState *s = opaque;
77c23f
     size_t realsize = size * nmemb;
77c23f
-    const char *accept_line = "Accept-Ranges: bytes";
77c23f
+    const char *header = (char *)ptr;
77c23f
+    const char *end = header + realsize;
77c23f
+    const char *accept_ranges = "Accept-Ranges:";
77c23f
+    const char *bytes = "bytes";
77c23f
 
77c23f
-    if (realsize >= strlen(accept_line)
77c23f
-        && strncmp((char *)ptr, accept_line, strlen(accept_line)) == 0) {
77c23f
-        s->accept_range = true;
77c23f
+    if (realsize >= strlen(accept_ranges)
77c23f
+        && strncmp(header, accept_ranges, strlen(accept_ranges)) == 0) {
77c23f
+
77c23f
+        char *p = strchr(header, ':') + 1;
77c23f
+
77c23f
+        /* Skip whitespace between the header name and value. */
77c23f
+        while (p < end && *p && g_ascii_isspace(*p)) {
77c23f
+            p++;
77c23f
+        }
77c23f
+
77c23f
+        if (end - p >= strlen(bytes)
77c23f
+            && strncmp(p, bytes, strlen(bytes)) == 0) {
77c23f
+
77c23f
+            /* Check that there is nothing but whitespace after the value. */
77c23f
+            p += strlen(bytes);
77c23f
+            while (p < end && *p && g_ascii_isspace(*p)) {
77c23f
+                p++;
77c23f
+            }
77c23f
+
77c23f
+            if (p == end || !*p) {
77c23f
+                s->accept_range = true;
77c23f
+            }
77c23f
+        }
77c23f
     }
77c23f
 
77c23f
     return realsize;
77c23f
-- 
77c23f
1.8.3.1
77c23f