[BusyBox 0001184]: httpd cgi implementation broken by cset 17196

bugs at busybox.net bugs at busybox.net
Mon Jan 29 14:54:05 UTC 2007


The following issue has been SUBMITTED. 
====================================================================== 
http://busybox.net/bugs/view.php?id=1184 
====================================================================== 
Reported By:                aschultz
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   1184
Category:                   Networking Support
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             01-29-2007 06:54 PST
Last Modified:              01-29-2007 06:54 PST
====================================================================== 
Summary:                    httpd cgi implementation broken by cset 17196
Description: 
cset 17196 contains this beauty (slightly edited to highlight my point):

-					if (strncmp(rbuf, "HTTP/1.0 200 OK\r\n", 4) != 0) {
-						/* there is no "HTTP", do it ourself */
-						full_write(s, "HTTP/1.0 200 OK\r\n", 17);
-					} /* hmm, maybe 'else if'? */
-					if (!strstr(rbuf, "ontent-")) {
-						full_write(s, "Content-type: text/plain\r\n\r\n", 28);
-					}
-					firstLine = 0;
+#define HTTP_200 "HTTP/1.0 200 OK\r\n\r\n"
+				if (memcmp(rbuf, HTTP_200, 4) != 0) {
+					/* there is no "HTTP", do it ourself */
+					full_write(s, HTTP_200, sizeof(HTTP_200)-1);
+				}
+#undef HTTP_200

This breaks cgi scripts that omit to send a HTTP/1.0 header but continue
to send other headers. The fix is simple, change the #define HTTP_200 to:
#define HTTP_200 "HTTP/1.0 200 OK\r\n"
====================================================================== 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
01-29-07 06:54  aschultz       New Issue                                    
01-29-07 06:54  aschultz       Status                   new => assigned     
01-29-07 06:54  aschultz       Assigned To               => BusyBox         
======================================================================




More information about the busybox-cvs mailing list