[Cluster-devel] conga/luci/conga_ssl SSLClient.cpp SSLClient.h ...
rmccabe at sourceware.org
rmccabe at sourceware.org
Thu Sep 13 14:48:02 UTC 2007
CVSROOT: /cvs/cluster
Module name: conga
Changes by: rmccabe at sourceware.org 2007-09-13 14:48:01
Modified files:
luci/conga_ssl : SSLClient.cpp SSLClient.h conga_ssl_lib.cpp
Log message:
Fix a bug that could cause incomplete reads if the total length that ought to be read is > 4096 and the last two non-whitespace characters read are "/>"
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/SSLClient.cpp.diff?cvsroot=cluster&r1=1.5&r2=1.6
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/SSLClient.h.diff?cvsroot=cluster&r1=1.3&r2=1.4
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/conga_ssl_lib.cpp.diff?cvsroot=cluster&r1=1.5&r2=1.6
--- conga/luci/conga_ssl/SSLClient.cpp 2007/09/11 16:04:32 1.5
+++ conga/luci/conga_ssl/SSLClient.cpp 2007/09/13 14:48:01 1.6
@@ -279,19 +279,20 @@
}
String
-SSLClient::recv(unsigned int timeout)
+SSLClient::recv(unsigned int timeout, size_t& buflen)
{
if (!_connected)
throw String("cannot receive, yet: SSL connection not connected");
char buff[4096];
+ buflen = sizeof(buff);
unsigned int beg = time_mil();
while (time_mil() < beg + timeout) {
int ret = SSL_read(_ssl, buff, sizeof(buff));
if (ret > 0) {
String data(buff, ret);
- shred(buff, sizeof(buff));
+ memset(buff, 0, sizeof(buff));
return data;
} else {
bool want_read, want_write;
--- conga/luci/conga_ssl/SSLClient.h 2007/09/11 16:04:32 1.3
+++ conga/luci/conga_ssl/SSLClient.h 2007/09/13 14:48:01 1.4
@@ -48,7 +48,7 @@
bool connect(unsigned int timeout);
String send(const String& msg, unsigned int timeout);
- String recv(unsigned int timeout);
+ String recv(unsigned int timeout, size_t& buflen);
bool peer_has_cert();
--- conga/luci/conga_ssl/conga_ssl_lib.cpp 2007/09/11 16:04:32 1.5
+++ conga/luci/conga_ssl/conga_ssl_lib.cpp 2007/09/13 14:48:01 1.6
@@ -239,25 +239,26 @@
int beg = int(time_sec());
String xml_in;
while (true) {
+ size_t buflen;
String ret;
if (int(time_sec()) > beg + timeout)
throw String("timeout");
else {
- ret = iter->second->recv(400);
+ ret = iter->second->recv(400, buflen);
if (ret == "")
continue;
xml_in += ret;
}
- int start = xml_in.length() - 1;
- while (start > 0 && xml_in[start] == '\n' || xml_in[start] == '\r')
- start--;
- start += 2;
- if ((ret.substr(0, 6) == "<?xml " && xml_in.substr(start - sizeof("/>"), sizeof("/>") - 1) == "/>") ||
- xml_in.substr(start - sizeof("</ricci>"), sizeof("</ricci>") - 1) == "</ricci>")
+ if (ret.size() < buflen)
{
resp = xml_in;
- break;
+ try {
+ parseXML(xml_in);
+ break;
+ } catch (...) {
+ continue;
+ }
}
}
}
More information about the Cluster-devel
mailing list