Attachment #27591 for bug #64776

View | Details | Raw Unified | Return to bug 64776
Collapse All | Expand All

Lines 3-8 Link Here

(-)mpg123/httpget.c (-56 / +108 lines)
3	*	3	*
4	* Oliver Fromme <oliver.fromme@heim3.tu-clausthal.de>	4	* Oliver Fromme <oliver.fromme@heim3.tu-clausthal.de>
5	* Wed Apr 9 20:57:47 MET DST 1997	5	* Wed Apr 9 20:57:47 MET DST 1997
		6	*
		7	* Modified by Jeremy Huddleston <eradicator@gentoo.org> 2004.10.21 per
		8	* http://bugs.gentoo.org/show_bug.cgi?id=68343
		9	* http://www.barrossecurity.com/advisories/mpg123_getauthfromurl_bof_advisory.txt
		10	*
6	*/	11	*/
7		12
8	#undef ALSA	13	#undef ALSA
Lines 221-232 Link Here
221	#define ACCEPT_HEAD "Accept: audio/mpeg, audio/x-mpegurl, /\r\n"	226	#define ACCEPT_HEAD "Accept: audio/mpeg, audio/x-mpegurl, /\r\n"
222		227
223	char *httpauth = NULL;	228	char *httpauth = NULL;
224	char httpauth1[256];	229	char *httpauth1 = NULL;
225		230
226	int http_open (char *url)	231	int http_open (char *url)
227	{	232	{
228	char purl, host, request, sptr;	233	char purl, host, request, sptr;
229	int linelength;	234	unsigned int linelength, linelengthbase;
230	unsigned long myip;	235	unsigned long myip;
231	unsigned char *myport;	236	unsigned char *myport;
232	int sock;	237	int sock;
Lines 270-322 Link Here
270	exit(1);	275	exit(1);
271	}	276	}
272		277
273		278	/* The length of purl is upper bound by 3strlen(url) + 1 if everything in it is a space /
274	if ((linelength = strlen(url)+200) < 1024)	279	purl = (char )malloc(sizeof(char) (strlen(url)*3 + 1));
275	linelength = 1024;	280	if (!purl) {
276	if (!(request = malloc(linelength)) \|\| !(purl = malloc(1024))) {
277	fprintf (stderr, "malloc() failed, out of memory.\n");	281	fprintf (stderr, "malloc() failed, out of memory.\n");
278	exit (1);	282	exit (1);
279	}	283	}
280	/*
281	* 2000-10-21:
282	* We would like spaces to be automatically converted to %20's when
283	* fetching via HTTP.
284	* -- Martin Sjögren <md9ms@mdstud.chalmers.se>
285	*/
286	if ((sptr = strchr(url, ' ')) == NULL) {
287	strncpy (purl, url, 1023);
288	purl[1023] = '\0';
289	}
290	else {
291	int purllength = 0;
292	char *urlptr = url;
293	purl[0] = '\0';
294	do {
295	purllength += sptr-urlptr + 3;
296	if (purllength >= 1023)
297	break;
298	strncat (purl, urlptr, sptr-urlptr);
299	//purl[sptr-url] = '\0';
300	strcat (purl, "%20");
301	urlptr = sptr + 1;
302	}
303	while ((sptr = strchr (urlptr, ' ')) != NULL);
304	strcat (purl, urlptr);
305	}
306		284
		285	/*
		286	* 2000-10-21:
		287	* We would like spaces to be automatically converted to %20's when
		288	* fetching via HTTP.
		289	* -- Martin Sjögren <md9ms@mdstud.chalmers.se>
		290	*/
		291	if ((sptr = strchr(url, ' ')) == NULL) {
		292	strcpy (purl, url);
		293	} else {
		294	char *urlptr = url;
		295	purl[0] = '\0';
		296	do {
		297	strncat (purl, urlptr, sptr - urlptr);
		298	strcat (purl, "%20");
		299	urlptr = sptr + 1;
		300	}
		301	while ((sptr = strchr (urlptr, ' ')) != NULL);
		302	strcat (purl, urlptr);
		303	}
		304
		305	httpauth1 = (char )malloc((strlen(purl) + 1) sizeof(char));
		306	if(!httpauth1) {
		307	fprintf(stderr, "malloc() failed, out of memory.\n");
		308	exit(1);
		309	}
		310	getauthfromURL(purl,httpauth1);
		311
		312	/* "GET http://" + 11
		313	* " HTTP/1.0\r\nUser-Agent: <prgName>/<prgVersion>\r\n" 26 + prgName + prgVersion
		314	* ACCEPT_HEAD strlen(ACCEPT_HEAD)
		315	* "Authorization: Basic \r\n" 23
		316	* "\r\n" 2
		317	*/
		318	linelengthbase = 62 + strlen(prgName) + strlen(prgVersion) + strlen(ACCEPT_HEAD);
		319
		320	if(httpauth)
		321	linelengthbase += (strlen(httpauth) + 1) * 4;
307		322
308	getauthfromURL(purl,httpauth1);	323	if(httpauth1)
		324	linelengthbase += (strlen(httpauth1) + 1) * 4;
309		325
310	do {	326	do {
311	strcpy (request, "GET ");
312	if (proxyip != INADDR_NONE) {	327	if (proxyip != INADDR_NONE) {
313	if (strncasecmp(url, "http://", 7) != 0 && strncasecmp(url,"ftp://", 6) != 0)
314	strcat (request, "http://");
315	strcat (request, purl);
316	myport = proxyport;	328	myport = proxyport;
317	myip = proxyip;	329	myip = proxyip;
318	}	330
319	else {	331	linelength = linelengthbase + strlen(purl);
		332	if(host)
		333	linelength += 9 + strlen(host) + strlen(myport); /* "Host: <host>:<port>\r\n" */
		334
		335	request = (char )malloc((linelength + 1) sizeof(char));
		336	if (!request) {
		337	fprintf (stderr, "malloc() failed, out of memory.\n");
		338	exit (1);
		339	}
		340
		341	strcpy (request, "GET ");
		342	if (strncasecmp(url, "http://", 7) != 0 && strncasecmp(url,"ftp://", 6) != 0)
		343	strcat (request, "http://");
		344	strcat (request, purl);
		345	} else {
320	if (host) {	346	if (host) {
321	free(host);	347	free(host);
322	host=NULL;	348	host=NULL;
Lines 325-343 Link Here
325	free(proxyport);	351	free(proxyport);
326	proxyport=NULL;	352	proxyport=NULL;
327	}	353	}
328	if (!(sptr = url2hostport(purl, &host, &myip, &myport))) {	354
329	fprintf (stderr, "Unknown host \"%s\".\n",	355	sptr = url2hostport(purl, &host, &myip, &myport);
330	host ? host : "");	356	if (!sptr) {
		357	fprintf (stderr, "Unknown host \"%s\".\n", host ? host : "");
331	exit (1);	358	exit (1);
332	}	359	}
		360
		361	linelength = linelengthbase + strlen(sptr);
		362	if(host)
		363	linelength += 9 + strlen(host) + strlen(myport); /* "Host: <host>:<port>\r\n" */
		364
		365	request = (char )malloc((linelength + 1) sizeof(char));
		366	if (!request) {
		367	fprintf (stderr, "malloc() failed, out of memory.\n");
		368	exit (1);
		369	}
		370
		371	strcpy (request, "GET ");
333	strcat (request, sptr);	372	strcat (request, sptr);
334	}	373	}
335	sprintf (request + strlen(request),	374
336	" HTTP/1.0\r\nUser-Agent: %s/%s\r\n",	375	sprintf (request + strlen(request), " HTTP/1.0\r\nUser-Agent: %s/%s\r\n", prgName, prgVersion);
337	prgName, prgVersion);
338	if (host) {	376	if (host) {
339	sprintf(request + strlen(request),	377	sprintf(request + strlen(request), "Host: %s:%s\r\n", host, myport);
340	"Host: %s:%s\r\n", host, myport);
341	#if 0	378	#if 0
342	free (host);	379	free (host);
343	#endif	380	#endif
Lines 394-408 Link Here
394	exit(1);	431	exit(1);
395	}	432	}
396		433
397	if (strlen(httpauth1) \|\| httpauth) {	434	if (httpauth1 \|\| httpauth) {
398	char buf[1023];	435	char *buf;
399	strcat (request,"Authorization: Basic ");	436	strcat (request,"Authorization: Basic ");
400	if(strlen(httpauth1))	437	if(httpauth1) {
401	encode64(httpauth1,buf);	438	buf=(char )malloc((strlen(httpauth1) + 1) 4 * sizeof(char));
402	else	439	if(!buf) {
403	encode64(httpauth,buf);	440	fprintf(stderr, "Error allocating sufficient memory for http authentication. Exiting.");
404	strcat (request,buf);	441	exit(1);
		442	}
		443	encode64(httpauth1,buf);
		444	free(httpauth1);
		445	} else {
		446	buf=(char )malloc((strlen(httpauth) + 1) 4 * sizeof(char));
		447	if(!buf) {
		448	fprintf(stderr, "Error allocating sufficient memory for http authentication. Exiting.");
		449	exit(1);
		450	}
		451	encode64(httpauth,buf);
		452	}
		453
		454	strcat (request, buf);
405	strcat (request,"\r\n");	455	strcat (request,"\r\n");
		456	free(buf);
406	}	457	}
407	strcat (request, "\r\n");	458	strcat (request, "\r\n");
408		459
Lines 431-443 Link Here
431	if (!strncmp(request, "Location:", 9))	483	if (!strncmp(request, "Location:", 9))
432	strncpy (purl, request+10, 1023);	484	strncpy (purl, request+10, 1023);
433	} while (request[0] != '\r' && request[0] != '\n');	485	} while (request[0] != '\r' && request[0] != '\n');
		486
		487	free(request);
434	} while (relocate && purl[0] && numrelocs++ < 5);	488	} while (relocate && purl[0] && numrelocs++ < 5);
435	if (relocate) {	489	if (relocate) {
436	fprintf (stderr, "Too many HTTP relocations.\n");	490	fprintf (stderr, "Too many HTTP relocations.\n");
437	exit (1);	491	exit (1);
438	}	492	}
439	free (purl);	493	free(purl);
440	free (request);
441	free(host);	494	free(host);
442	free(proxyport);	495	free(proxyport);
443	free(myport);	496	free(myport);

Return to bug 64776