Fossil SCM
ssl_read_server() now returns 0 on read error and lets the higher-level code deal with the short read. This might resolve the issue under discussion in [forum:/forumpost/2f818850abb72719 | forum post 2f818850abb72719].
Commit
acffc8f7858254ebb5c0c06b6af79fbc56085d5d4740047ca5aa46dc89e31689
Parent
605064e656ca56c…
2 files changed
+3
-1
+1
-3
+3
-1
| --- src/cgi.c | ||
| +++ src/cgi.c | ||
| @@ -1383,11 +1383,13 @@ | ||
| 1383 | 1383 | */ |
| 1384 | 1384 | cgi_set_content_type(json_guess_content_type()); |
| 1385 | 1385 | } |
| 1386 | 1386 | #endif /* FOSSIL_ENABLE_JSON */ |
| 1387 | 1387 | else{ |
| 1388 | - blob_read_from_cgi(&g.cgiIn, len); | |
| 1388 | + if( blob_read_from_cgi(&g.cgiIn, len)!=len ){ | |
| 1389 | + malformed_request("CGI content-length mismatch"); | |
| 1390 | + } | |
| 1389 | 1391 | } |
| 1390 | 1392 | } |
| 1391 | 1393 | } |
| 1392 | 1394 | |
| 1393 | 1395 | /* |
| 1394 | 1396 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -1383,11 +1383,13 @@ | |
| 1383 | */ |
| 1384 | cgi_set_content_type(json_guess_content_type()); |
| 1385 | } |
| 1386 | #endif /* FOSSIL_ENABLE_JSON */ |
| 1387 | else{ |
| 1388 | blob_read_from_cgi(&g.cgiIn, len); |
| 1389 | } |
| 1390 | } |
| 1391 | } |
| 1392 | |
| 1393 | /* |
| 1394 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -1383,11 +1383,13 @@ | |
| 1383 | */ |
| 1384 | cgi_set_content_type(json_guess_content_type()); |
| 1385 | } |
| 1386 | #endif /* FOSSIL_ENABLE_JSON */ |
| 1387 | else{ |
| 1388 | if( blob_read_from_cgi(&g.cgiIn, len)!=len ){ |
| 1389 | malformed_request("CGI content-length mismatch"); |
| 1390 | } |
| 1391 | } |
| 1392 | } |
| 1393 | } |
| 1394 | |
| 1395 | /* |
| 1396 |
+1
-3
| --- src/http_ssl.c | ||
| +++ src/http_ssl.c | ||
| @@ -820,16 +820,14 @@ | ||
| 820 | 820 | SslServerConn *pServer = (SslServerConn*)pServerArg; |
| 821 | 821 | if( nBuf>0x7fffffff ){ fossil_fatal("SSL read too big"); } |
| 822 | 822 | else if( BIO_eof(pServer->bio) ) return 0; |
| 823 | 823 | while( nBuf!=rc ){ |
| 824 | 824 | n = SSL_read(pServer->ssl, zBuf + rc, (int)(nBuf - rc)); |
| 825 | - if( n==0 ){ | |
| 825 | + if( n<=0 ){ | |
| 826 | 826 | break; |
| 827 | 827 | }else if(n>0){ |
| 828 | 828 | rc += n; |
| 829 | - }else{ | |
| 830 | - fossil_fatal("SSL read error."); | |
| 831 | 829 | } |
| 832 | 830 | #ifdef _WIN32 |
| 833 | 831 | /* Windows (XP and 10 tested with openssl 1.1.1m and 3.0.1) does |
| 834 | 832 | ** not require reading in a loop, returning all data in a single |
| 835 | 833 | ** call. If we read in a loop on Windows, SSL reads fail. Details: |
| 836 | 834 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -820,16 +820,14 @@ | |
| 820 | SslServerConn *pServer = (SslServerConn*)pServerArg; |
| 821 | if( nBuf>0x7fffffff ){ fossil_fatal("SSL read too big"); } |
| 822 | else if( BIO_eof(pServer->bio) ) return 0; |
| 823 | while( nBuf!=rc ){ |
| 824 | n = SSL_read(pServer->ssl, zBuf + rc, (int)(nBuf - rc)); |
| 825 | if( n==0 ){ |
| 826 | break; |
| 827 | }else if(n>0){ |
| 828 | rc += n; |
| 829 | }else{ |
| 830 | fossil_fatal("SSL read error."); |
| 831 | } |
| 832 | #ifdef _WIN32 |
| 833 | /* Windows (XP and 10 tested with openssl 1.1.1m and 3.0.1) does |
| 834 | ** not require reading in a loop, returning all data in a single |
| 835 | ** call. If we read in a loop on Windows, SSL reads fail. Details: |
| 836 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -820,16 +820,14 @@ | |
| 820 | SslServerConn *pServer = (SslServerConn*)pServerArg; |
| 821 | if( nBuf>0x7fffffff ){ fossil_fatal("SSL read too big"); } |
| 822 | else if( BIO_eof(pServer->bio) ) return 0; |
| 823 | while( nBuf!=rc ){ |
| 824 | n = SSL_read(pServer->ssl, zBuf + rc, (int)(nBuf - rc)); |
| 825 | if( n<=0 ){ |
| 826 | break; |
| 827 | }else if(n>0){ |
| 828 | rc += n; |
| 829 | } |
| 830 | #ifdef _WIN32 |
| 831 | /* Windows (XP and 10 tested with openssl 1.1.1m and 3.0.1) does |
| 832 | ** not require reading in a loop, returning all data in a single |
| 833 | ** call. If we read in a loop on Windows, SSL reads fail. Details: |
| 834 |