1/***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2022, Daniel Stenberg, <[email protected]>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24
25#include "curl_setup.h"
26
27#ifndef CURL_DISABLE_HTTP
28
29#include "urldata.h" /* it includes http_chunks.h */
30#include "sendf.h" /* for the client write stuff */
31#include "dynbuf.h"
32#include "content_encoding.h"
33#include "http.h"
34#include "strtoofft.h"
35#include "warnless.h"
36
37/* The last #include files should be: */
38#include "curl_memory.h"
39#include "memdebug.h"
40
41/*
42 * Chunk format (simplified):
43 *
44 * <HEX SIZE>[ chunk extension ] CRLF
45 * <DATA> CRLF
46 *
47 * Highlights from RFC2616 section 3.6 say:
48
49 The chunked encoding modifies the body of a message in order to
50 transfer it as a series of chunks, each with its own size indicator,
51 followed by an OPTIONAL trailer containing entity-header fields. This
52 allows dynamically produced content to be transferred along with the
53 information necessary for the recipient to verify that it has
54 received the full message.
55
56 Chunked-Body = *chunk
57 last-chunk
58 trailer
59 CRLF
60
61 chunk = chunk-size [ chunk-extension ] CRLF
62 chunk-data CRLF
63 chunk-size = 1*HEX
64 last-chunk = 1*("0") [ chunk-extension ] CRLF
65
66 chunk-extension= *( ";" chunk-ext-name [ "=" chunk-ext-val ] )
67 chunk-ext-name = token
68 chunk-ext-val = token | quoted-string
69 chunk-data = chunk-size(OCTET)
70 trailer = *(entity-header CRLF)
71
72 The chunk-size field is a string of hex digits indicating the size of
73 the chunk. The chunked encoding is ended by any chunk whose size is
74 zero, followed by the trailer, which is terminated by an empty line.
75
76 */
77
78#define isxdigit_ascii(x) Curl_isxdigit(x)
79
80void Curl_httpchunk_init(struct Curl_easy *data)
81{
82 struct connectdata *conn = data->conn;
83 struct Curl_chunker *chunk = &conn->chunk;
84 chunk->hexindex = 0; /* start at 0 */
85 chunk->state = CHUNK_HEX; /* we get hex first! */
86 Curl_dyn_init(&conn->trailer, DYN_H1_TRAILER);
87}
88
89/*
90 * chunk_read() returns a OK for normal operations, or a positive return code
91 * for errors. STOP means this sequence of chunks is complete. The 'wrote'
92 * argument is set to tell the caller how many bytes we actually passed to the
93 * client (for byte-counting and whatever).
94 *
95 * The states and the state-machine is further explained in the header file.
96 *
97 * This function always uses ASCII hex values to accommodate non-ASCII hosts.
98 * For example, 0x0d and 0x0a are used instead of '\r' and '\n'.
99 */
100CHUNKcode Curl_httpchunk_read(struct Curl_easy *data,
101 char *datap,
102 ssize_t datalen,
103 ssize_t *wrote,
104 CURLcode *extrap)
105{
106 CURLcode result = CURLE_OK;
107 struct connectdata *conn = data->conn;
108 struct Curl_chunker *ch = &conn->chunk;
109 struct SingleRequest *k = &data->req;
110 size_t piece;
111 curl_off_t length = (curl_off_t)datalen;
112
113 *wrote = 0; /* nothing's written yet */
114
115 /* the original data is written to the client, but we go on with the
116 chunk read process, to properly calculate the content length*/
117 if(data->set.http_te_skip && !k->ignorebody) {
118 result = Curl_client_write(data, CLIENTWRITE_BODY, datap, datalen);
119 if(result) {
120 *extrap = result;
121 return CHUNKE_PASSTHRU_ERROR;
122 }
123 }
124
125 while(length) {
126 switch(ch->state) {
127 case CHUNK_HEX:
128 if(isxdigit_ascii(*datap)) {
129 if(ch->hexindex < CHUNK_MAXNUM_LEN) {
130 ch->hexbuffer[ch->hexindex] = *datap;
131 datap++;
132 length--;
133 ch->hexindex++;
134 }
135 else {
136 return CHUNKE_TOO_LONG_HEX; /* longer hex than we support */
137 }
138 }
139 else {
140 char *endptr;
141 if(0 == ch->hexindex)
142 /* This is illegal data, we received junk where we expected
143 a hexadecimal digit. */
144 return CHUNKE_ILLEGAL_HEX;
145
146 /* length and datap are unmodified */
147 ch->hexbuffer[ch->hexindex] = 0;
148
149 if(curlx_strtoofft(ch->hexbuffer, &endptr, 16, &ch->datasize))
150 return CHUNKE_ILLEGAL_HEX;
151 ch->state = CHUNK_LF; /* now wait for the CRLF */
152 }
153 break;
154
155 case CHUNK_LF:
156 /* waiting for the LF after a chunk size */
157 if(*datap == 0x0a) {
158 /* we're now expecting data to come, unless size was zero! */
159 if(0 == ch->datasize) {
160 ch->state = CHUNK_TRAILER; /* now check for trailers */
161 }
162 else
163 ch->state = CHUNK_DATA;
164 }
165
166 datap++;
167 length--;
168 break;
169
170 case CHUNK_DATA:
171 /* We expect 'datasize' of data. We have 'length' right now, it can be
172 more or less than 'datasize'. Get the smallest piece.
173 */
174 piece = curlx_sotouz((ch->datasize >= length)?length:ch->datasize);
175
176 /* Write the data portion available */
177 if(!data->set.http_te_skip && !k->ignorebody) {
178 if(!data->set.http_ce_skip && k->writer_stack)
179 result = Curl_unencode_write(data, k->writer_stack, datap, piece);
180 else
181 result = Curl_client_write(data, CLIENTWRITE_BODY, datap, piece);
182
183 if(result) {
184 *extrap = result;
185 return CHUNKE_PASSTHRU_ERROR;
186 }
187 }
188
189 *wrote += piece;
190 ch->datasize -= piece; /* decrease amount left to expect */
191 datap += piece; /* move read pointer forward */
192 length -= piece; /* decrease space left in this round */
193
194 if(0 == ch->datasize)
195 /* end of data this round, we now expect a trailing CRLF */
196 ch->state = CHUNK_POSTLF;
197 break;
198
199 case CHUNK_POSTLF:
200 if(*datap == 0x0a) {
201 /* The last one before we go back to hex state and start all over. */
202 Curl_httpchunk_init(data); /* sets state back to CHUNK_HEX */
203 }
204 else if(*datap != 0x0d)
205 return CHUNKE_BAD_CHUNK;
206 datap++;
207 length--;
208 break;
209
210 case CHUNK_TRAILER:
211 if((*datap == 0x0d) || (*datap == 0x0a)) {
212 char *tr = Curl_dyn_ptr(&conn->trailer);
213 /* this is the end of a trailer, but if the trailer was zero bytes
214 there was no trailer and we move on */
215
216 if(tr) {
217 size_t trlen;
218 result = Curl_dyn_addn(&conn->trailer, (char *)STRCONST("\x0d\x0a"));
219 if(result)
220 return CHUNKE_OUT_OF_MEMORY;
221
222 tr = Curl_dyn_ptr(&conn->trailer);
223 trlen = Curl_dyn_len(&conn->trailer);
224 if(!data->set.http_te_skip) {
225 result = Curl_client_write(data,
226 CLIENTWRITE_HEADER|CLIENTWRITE_TRAILER,
227 tr, trlen);
228 if(result) {
229 *extrap = result;
230 return CHUNKE_PASSTHRU_ERROR;
231 }
232 }
233 Curl_dyn_reset(&conn->trailer);
234 ch->state = CHUNK_TRAILER_CR;
235 if(*datap == 0x0a)
236 /* already on the LF */
237 break;
238 }
239 else {
240 /* no trailer, we're on the final CRLF pair */
241 ch->state = CHUNK_TRAILER_POSTCR;
242 break; /* don't advance the pointer */
243 }
244 }
245 else {
246 result = Curl_dyn_addn(&conn->trailer, datap, 1);
247 if(result)
248 return CHUNKE_OUT_OF_MEMORY;
249 }
250 datap++;
251 length--;
252 break;
253
254 case CHUNK_TRAILER_CR:
255 if(*datap == 0x0a) {
256 ch->state = CHUNK_TRAILER_POSTCR;
257 datap++;
258 length--;
259 }
260 else
261 return CHUNKE_BAD_CHUNK;
262 break;
263
264 case CHUNK_TRAILER_POSTCR:
265 /* We enter this state when a CR should arrive so we expect to
266 have to first pass a CR before we wait for LF */
267 if((*datap != 0x0d) && (*datap != 0x0a)) {
268 /* not a CR then it must be another header in the trailer */
269 ch->state = CHUNK_TRAILER;
270 break;
271 }
272 if(*datap == 0x0d) {
273 /* skip if CR */
274 datap++;
275 length--;
276 }
277 /* now wait for the final LF */
278 ch->state = CHUNK_STOP;
279 break;
280
281 case CHUNK_STOP:
282 if(*datap == 0x0a) {
283 length--;
284
285 /* Record the length of any data left in the end of the buffer
286 even if there's no more chunks to read */
287 ch->datasize = curlx_sotouz(length);
288
289 return CHUNKE_STOP; /* return stop */
290 }
291 else
292 return CHUNKE_BAD_CHUNK;
293 }
294 }
295 return CHUNKE_OK;
296}
297
298const char *Curl_chunked_strerror(CHUNKcode code)
299{
300 switch(code) {
301 default:
302 return "OK";
303 case CHUNKE_TOO_LONG_HEX:
304 return "Too long hexadecimal number";
305 case CHUNKE_ILLEGAL_HEX:
306 return "Illegal or missing hexadecimal sequence";
307 case CHUNKE_BAD_CHUNK:
308 return "Malformed encoding found";
309 case CHUNKE_PASSTHRU_ERROR:
310 DEBUGASSERT(0); /* never used */
311 return "";
312 case CHUNKE_BAD_ENCODING:
313 return "Bad content-encoding found";
314 case CHUNKE_OUT_OF_MEMORY:
315 return "Out of memory";
316 }
317}
318
319#endif /* CURL_DISABLE_HTTP */
320