1.2.4 bug upnp event headerlength parse error in httpsession.cpp

Question

1.2.4 bug upnp event headerlength parse error in httpsession.cpp

Opened this issue 9 years ago · 0 comments

GoogleCodeExporter commented 9 years ago

Hi programmer, 
i found a bug and fix it in httpsession.cpp, see following

       ++memset(&sessionBuf[currentFillLength], 0, sessionBufLen - currentFillLength);//which i fix
       ++memcpy(&sessionBuf[currentFillLength], buf, len);//which i fix
       if(firstData){
        --ret = ParseHeader(buf, len);
               ++ ret = ParseHeader((unsigned char*)&sessionBuf[currentFillLength], len); //which i fix
        if(ret < 0){
            return ret;
        }
    }
    firstData = false;

    ++currentFillLength = currentFillLength + len; //which i fix
    --memcpy(&sessionBuf[currentFillLength], buf, len);
    --currentFillLength = currentFillLength + len;

these code will parse a wrong header length that will lead to following event 
para lost it's first "<", because the receive buffer not cleaned correctly, so 
i copy the but to cleaned session buffer and parse there. this will fix it.
still you can clean socket receive buffer also can fix this. 

br
linn song

Original issue reported on code.google.com by linn.lin...@gmail.com on 17 Jun 2012 at 6:26