[BusyBox 0001184]: httpd cgi implementation broken by cset 17196

bugs at busybox.net bugs at busybox.net
Mon Mar 5 10:12:33 UTC 2007


A NOTE has been added to this issue. 
====================================================================== 
http://busybox.net/bugs/view.php?id=1184 
====================================================================== 
Reported By:                aschultz
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   1184
Category:                   Networking Support
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             01-29-2007 06:54 PST
Last Modified:              03-05-2007 02:12 PST
====================================================================== 
Summary:                    httpd cgi implementation broken by cset 17196
Description: 
cset 17196 contains this beauty (slightly edited to highlight my point):

-					if (strncmp(rbuf, "HTTP/1.0 200 OK\r\n", 4) != 0) {
-						/* there is no "HTTP", do it ourself */
-						full_write(s, "HTTP/1.0 200 OK\r\n", 17);
-					} /* hmm, maybe 'else if'? */
-					if (!strstr(rbuf, "ontent-")) {
-						full_write(s, "Content-type: text/plain\r\n\r\n", 28);
-					}
-					firstLine = 0;
+#define HTTP_200 "HTTP/1.0 200 OK\r\n\r\n"
+				if (memcmp(rbuf, HTTP_200, 4) != 0) {
+					/* there is no "HTTP", do it ourself */
+					full_write(s, HTTP_200, sizeof(HTTP_200)-1);
+				}
+#undef HTTP_200

This breaks cgi scripts that omit to send a HTTP/1.0 header but continue
to send other headers. The fix is simple, change the #define HTTP_200 to:
#define HTTP_200 "HTTP/1.0 200 OK\r\n"
====================================================================== 

---------------------------------------------------------------------- 
 landau - 03-05-07 02:12  
---------------------------------------------------------------------- 
I second it.
The trunk code has changed since then, but the bug persists.
Changing in the trunk
static const char HTTP_200[] = "HTTP/1.0 200 OK\r\n\r\n";
to
static const char HTTP_200[] = "HTTP/1.0 200 OK\r\n";
seems to fix the bug. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
01-29-07 06:54  aschultz       New Issue                                    
01-29-07 06:54  aschultz       Status                   new => assigned     
01-29-07 06:54  aschultz       Assigned To               => BusyBox         
03-05-07 02:12  landau         Note Added: 0002203                          
======================================================================




More information about the busybox-cvs mailing list