48 lines
2.1 KiB
Diff
48 lines
2.1 KiB
Diff
|
Author: Adam Majer <adam.majer@suse.de>
|
||
|
Summary: Fix crash caused by NULL content_type
|
||
|
|
||
|
Also, allow requests with Content-Type set to text/xml
|
||
|
|
||
|
==31976== Invalid read of size 1
|
||
|
==31976== at 0x5883DEB: scanCimXmlRequest (cimXmlParserProcessed.c:1739)
|
||
|
==31976== by 0x588C88E: handleCimRequest (cimRequest.c:1850)
|
||
|
==31976== by 0x4E3D95A: doHttpRequest (httpAdapter.c:1399)
|
||
|
==31976== by 0x4E3EC96: handleHttpRequest (httpAdapter.c:1741)
|
||
|
==31976== by 0x4E3EC96: acceptRequest (httpAdapter.c:2022)
|
||
|
==31976== by 0x4E40B0C: httpDaemon (httpAdapter.c:2464)
|
||
|
==31976== by 0x404866: startHttpd (sfcBroker.c:540)
|
||
|
==31976== by 0x4038B3: main (sfcBroker.c:1062)
|
||
|
==31976== Address 0x0 is not stack'd, malloc'd or (recently) free'd
|
||
|
==31976==
|
||
|
==31976==
|
||
|
==31976== Process terminating with default action of signal 11 (SIGSEGV): dumping core
|
||
|
==31976== Access not within mapped region at address 0x0
|
||
|
==31976== at 0x5883DEB: scanCimXmlRequest (cimXmlParserProcessed.c:1739)
|
||
|
==31976== by 0x588C88E: handleCimRequest (cimRequest.c:1850)
|
||
|
==31976== by 0x4E3D95A: doHttpRequest (httpAdapter.c:1399)
|
||
|
==31976== by 0x4E3EC96: handleHttpRequest (httpAdapter.c:1741)
|
||
|
==31976== by 0x4E3EC96: acceptRequest (httpAdapter.c:2022)
|
||
|
==31976== by 0x4E40B0C: httpDaemon (httpAdapter.c:2464)
|
||
|
==31976== by 0x404866: startHttpd (sfcBroker.c:540)
|
||
|
==31976== by 0x4038B3: main (sfcBroker.c:1062)
|
||
|
|
||
|
(gdb) p *ctx
|
||
|
$3 = {cimDoc = 0x69058c0 "", principal = 0x0, host = 0x69054d9 "xxx.xx.xxx.xxx:5989", contentType = 0x0, teTrailers = 0,
|
||
|
sessionId = 1, role = 0x0, cimDocLength = 0, commHndl = 0xffefffab0, chunkFncs = 0x5044798 <httpChunkFunctions>,
|
||
|
className = 0x0, operation = 0, verb = 0x6905480 "POST", path = 0x6905485 "/"}
|
||
|
|
||
|
Index: sblim-sfcb-1.4.8/httpAdapter.c
|
||
|
===================================================================
|
||
|
--- sblim-sfcb-1.4.8.orig/httpAdapter.c
|
||
|
+++ sblim-sfcb-1.4.8/httpAdapter.c
|
||
|
@@ -1047,7 +1047,7 @@ doHttpRequest(CommHndl conn_fd)
|
||
|
|
||
|
inBuf.authorization = "";
|
||
|
inBuf.protocol = "HTTP/1.1";
|
||
|
- inBuf.content_type = NULL;
|
||
|
+ inBuf.content_type = "application/xml";
|
||
|
inBuf.content_length = UINT_MAX;
|
||
|
inBuf.host = NULL;
|
||
|
inBuf.useragent = "";
|
||
|
|