diff options
author | David Edmondson <david.edmondson@oracle.com> | 2020-02-24 10:13:09 +0000 |
---|---|---|
committer | Max Reitz <mreitz@redhat.com> | 2020-03-11 12:42:29 +0100 |
commit | 7788a319399f17476ff1dd43164c869e320820a2 (patch) | |
tree | f03728127bec53e96be72d928befac297f1b8d8f | |
parent | c13de3b32fdeffb3e53494fd7d5cecb67cb65799 (diff) | |
download | qemu-7788a319399f17476ff1dd43164c869e320820a2.zip qemu-7788a319399f17476ff1dd43164c869e320820a2.tar.gz qemu-7788a319399f17476ff1dd43164c869e320820a2.tar.bz2 |
block/curl: HTTP header fields allow whitespace around values
RFC 7230 section 3.2 indicates that whitespace is permitted between
the field name and field value and after the field value.
Signed-off-by: David Edmondson <david.edmondson@oracle.com>
Message-Id: <20200224101310.101169-2-david.edmondson@oracle.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
-rw-r--r-- | block/curl.c | 31 |
1 files changed, 27 insertions, 4 deletions
diff --git a/block/curl.c b/block/curl.c index f862993..f9ffb7f 100644 --- a/block/curl.c +++ b/block/curl.c @@ -214,11 +214,34 @@ static size_t curl_header_cb(void *ptr, size_t size, size_t nmemb, void *opaque) { BDRVCURLState *s = opaque; size_t realsize = size * nmemb; - const char *accept_line = "Accept-Ranges: bytes"; + const char *header = (char *)ptr; + const char *end = header + realsize; + const char *accept_ranges = "Accept-Ranges:"; + const char *bytes = "bytes"; - if (realsize >= strlen(accept_line) - && strncmp((char *)ptr, accept_line, strlen(accept_line)) == 0) { - s->accept_range = true; + if (realsize >= strlen(accept_ranges) + && strncmp(header, accept_ranges, strlen(accept_ranges)) == 0) { + + char *p = strchr(header, ':') + 1; + + /* Skip whitespace between the header name and value. */ + while (p < end && *p && g_ascii_isspace(*p)) { + p++; + } + + if (end - p >= strlen(bytes) + && strncmp(p, bytes, strlen(bytes)) == 0) { + + /* Check that there is nothing but whitespace after the value. */ + p += strlen(bytes); + while (p < end && *p && g_ascii_isspace(*p)) { + p++; + } + + if (p == end || !*p) { + s->accept_range = true; + } + } } return realsize; |