From 5a0dc26353f800015e7321e5687e802b80ebc661 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jaramago=20Fern=C3=A1ndez?= Date: Thu, 30 Nov 2023 08:46:58 +0100 Subject: [PATCH 1/5] Log loading errors for 'WebInterface' and 'LDAPAuth' plugins --- src/main.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/main.cpp b/src/main.cpp index 2c82203568..9c26be71db 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -959,6 +959,8 @@ static void LoadPlugins() { if (GloWebInterface) { //GloAdmin->init_WebInterfacePlugin(); //GloAdmin->load_ldap_variables_to_runtime(); + } else { + proxy_error("Failed to load 'Web_Interface' plugin\n"); } } } @@ -985,6 +987,11 @@ static void LoadPlugins() { exit(EXIT_FAILURE); } else { GloMyLdapAuth = create_MySQL_LDAP_Authentication(); + + if (!GloMyLdapAuth) { + proxy_error("Failed to load 'MySQL_LDAP_Authentication' plugin\n"); + } + // we are removing this from here, and copying in // ProxySQL_Main_init_phase2___not_started // the keep record of these two lines to make sure we don't From bb0f2da42c557a1182896a644c1e58f3382fdd5b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jaramago=20Fern=C3=A1ndez?= Date: Thu, 30 Nov 2023 08:48:09 +0100 Subject: [PATCH 2/5] Fix Valgrind reported 'realloc' of zero length --- lib/mysql_data_stream.cpp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/mysql_data_stream.cpp b/lib/mysql_data_stream.cpp index 5eea659e21..dd2f2e2d36 100644 --- a/lib/mysql_data_stream.cpp +++ b/lib/mysql_data_stream.cpp @@ -736,7 +736,12 @@ int MySQL_Data_Stream::write_to_net() { memmove(ssl_write_buf, ssl_write_buf+n, ssl_write_len-n); } ssl_write_len -= n; - ssl_write_buf = (char*)realloc(ssl_write_buf, ssl_write_len); + if (ssl_write_len) { + ssl_write_buf = (char*)realloc(ssl_write_buf, ssl_write_len); + } else { + free(ssl_write_buf); + ssl_write_buf = NULL; + } //proxy_info("new ssl_write_len: %u\n", ssl_write_len); //if (ssl_write_len) { // return n; // stop here @@ -887,7 +892,12 @@ int MySQL_Data_Stream::write_to_net_poll() { memmove(ssl_write_buf, ssl_write_buf+n, ssl_write_len-n); } ssl_write_len -= n; - ssl_write_buf = (char*)realloc(ssl_write_buf, ssl_write_len); + if (ssl_write_len) { + ssl_write_buf = (char*)realloc(ssl_write_buf, ssl_write_len); + } else { + free(ssl_write_buf); + ssl_write_buf = NULL; + } //proxy_info("new ssl_write_len: %u\n", ssl_write_len); if (ssl_write_len) { return n; // stop here From 0e5fe23f3633e7eee77e4f51bb78198cc07a4809 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jaramago=20Fern=C3=A1ndez?= Date: Thu, 30 Nov 2023 09:05:07 +0100 Subject: [PATCH 3/5] Remove global 'static strings' from 'libhttpserver' Invalid double-free were taking place during plugin de-initialization due to ODR violations motivated by these objects. Simplest solution is making them not require 'allocation/deallocation'. --- deps/Makefile | 1 + .../replace_static_global_strings.patch | 390 ++++++++++++++++++ 2 files changed, 391 insertions(+) create mode 100644 deps/libhttpserver/replace_static_global_strings.patch diff --git a/deps/Makefile b/deps/Makefile index 945c31a0a5..fdf78dd6d1 100644 --- a/deps/Makefile +++ b/deps/Makefile @@ -116,6 +116,7 @@ libhttpserver/libhttpserver/build/src/.libs/libhttpserver.a: libmicrohttpd/libmi #endif cd libhttpserver/libhttpserver && patch -p1 < ../final_val_post_process.patch cd libhttpserver/libhttpserver && patch -p1 < ../empty_uri_log_crash.patch + cd libhttpserver/libhttpserver && patch -p0 < ../replace_static_global_strings.patch ifeq ($(UNAME_S),FreeBSD) sed -i -e 's/\/bin\/bash/\/usr\/local\/bin\/bash/' libhttpserver/libhttpserver/bootstrap endif diff --git a/deps/libhttpserver/replace_static_global_strings.patch b/deps/libhttpserver/replace_static_global_strings.patch new file mode 100644 index 0000000000..f87ff2eaa2 --- /dev/null +++ b/deps/libhttpserver/replace_static_global_strings.patch @@ -0,0 +1,390 @@ +diff --git src/http_utils.cpp src/http_utils.cpp +index caefabc..fed5d9e 100644 +--- src/http_utils.cpp ++++ src/http_utils.cpp +@@ -137,98 +137,98 @@ const int http_utils::http_not_extended = MHD_HTTP_NOT_EXTENDED; + + const int http_utils::shoutcast_response = MHD_ICY_FLAG; + +-const std::string http_utils::http_header_accept = MHD_HTTP_HEADER_ACCEPT; +-const std::string http_utils::http_header_accept_charset = ++const char* http_utils::http_header_accept = MHD_HTTP_HEADER_ACCEPT; ++const char* http_utils::http_header_accept_charset = + MHD_HTTP_HEADER_ACCEPT_CHARSET; +-const std::string http_utils::http_header_accept_encoding = ++const char* http_utils::http_header_accept_encoding = + MHD_HTTP_HEADER_ACCEPT_ENCODING; +-const std::string http_utils::http_header_accept_language = ++const char* http_utils::http_header_accept_language = + MHD_HTTP_HEADER_ACCEPT_LANGUAGE; +-const std::string http_utils::http_header_accept_ranges = ++const char* http_utils::http_header_accept_ranges = + MHD_HTTP_HEADER_ACCEPT_RANGES; +-const std::string http_utils::http_header_age = MHD_HTTP_HEADER_AGE; +-const std::string http_utils::http_header_allow = MHD_HTTP_HEADER_ALLOW; +-const std::string http_utils::http_header_authorization = ++const char* http_utils::http_header_age = MHD_HTTP_HEADER_AGE; ++const char* http_utils::http_header_allow = MHD_HTTP_HEADER_ALLOW; ++const char* http_utils::http_header_authorization = + MHD_HTTP_HEADER_AUTHORIZATION; +-const std::string http_utils::http_header_cache_control = ++const char* http_utils::http_header_cache_control = + MHD_HTTP_HEADER_CACHE_CONTROL; +-const std::string http_utils::http_header_connection = ++const char* http_utils::http_header_connection = + MHD_HTTP_HEADER_CONNECTION; +-const std::string http_utils::http_header_content_encoding = ++const char* http_utils::http_header_content_encoding = + MHD_HTTP_HEADER_CONTENT_ENCODING; +-const std::string http_utils::http_header_content_language = ++const char* http_utils::http_header_content_language = + MHD_HTTP_HEADER_CONTENT_LANGUAGE; +-const std::string http_utils::http_header_content_length = ++const char* http_utils::http_header_content_length = + MHD_HTTP_HEADER_CONTENT_LENGTH; +-const std::string http_utils::http_header_content_location = ++const char* http_utils::http_header_content_location = + MHD_HTTP_HEADER_CONTENT_LOCATION; +-const std::string http_utils::http_header_content_md5 = ++const char* http_utils::http_header_content_md5 = + MHD_HTTP_HEADER_CONTENT_MD5; +-const std::string http_utils::http_header_content_range = ++const char* http_utils::http_header_content_range = + MHD_HTTP_HEADER_CONTENT_RANGE; +-const std::string http_utils::http_header_content_type = ++const char* http_utils::http_header_content_type = + MHD_HTTP_HEADER_CONTENT_TYPE; +-const std::string http_utils::http_header_date = MHD_HTTP_HEADER_DATE; +-const std::string http_utils::http_header_etag = MHD_HTTP_HEADER_ETAG; +-const std::string http_utils::http_header_expect = MHD_HTTP_HEADER_EXPECT; +-const std::string http_utils::http_header_expires = MHD_HTTP_HEADER_EXPIRES; +-const std::string http_utils::http_header_from = MHD_HTTP_HEADER_FROM; +-const std::string http_utils::http_header_host = MHD_HTTP_HEADER_HOST; +-const std::string http_utils::http_header_if_match = MHD_HTTP_HEADER_IF_MATCH; +-const std::string http_utils::http_header_if_modified_since = ++const char* http_utils::http_header_date = MHD_HTTP_HEADER_DATE; ++const char* http_utils::http_header_etag = MHD_HTTP_HEADER_ETAG; ++const char* http_utils::http_header_expect = MHD_HTTP_HEADER_EXPECT; ++const char* http_utils::http_header_expires = MHD_HTTP_HEADER_EXPIRES; ++const char* http_utils::http_header_from = MHD_HTTP_HEADER_FROM; ++const char* http_utils::http_header_host = MHD_HTTP_HEADER_HOST; ++const char* http_utils::http_header_if_match = MHD_HTTP_HEADER_IF_MATCH; ++const char* http_utils::http_header_if_modified_since = + MHD_HTTP_HEADER_IF_MODIFIED_SINCE; +-const std::string http_utils::http_header_if_none_match = ++const char* http_utils::http_header_if_none_match = + MHD_HTTP_HEADER_IF_NONE_MATCH; +-const std::string http_utils::http_header_if_range = MHD_HTTP_HEADER_IF_RANGE; +-const std::string http_utils::http_header_if_unmodified_since = ++const char* http_utils::http_header_if_range = MHD_HTTP_HEADER_IF_RANGE; ++const char* http_utils::http_header_if_unmodified_since = + MHD_HTTP_HEADER_IF_UNMODIFIED_SINCE; +-const std::string http_utils::http_header_last_modified = ++const char* http_utils::http_header_last_modified = + MHD_HTTP_HEADER_LAST_MODIFIED; +-const std::string http_utils::http_header_location = MHD_HTTP_HEADER_LOCATION; +-const std::string http_utils::http_header_max_forwards = ++const char* http_utils::http_header_location = MHD_HTTP_HEADER_LOCATION; ++const char* http_utils::http_header_max_forwards = + MHD_HTTP_HEADER_MAX_FORWARDS; +-const std::string http_utils::http_header_pragma = MHD_HTTP_HEADER_PRAGMA; +-const std::string http_utils::http_header_proxy_authenticate = ++const char* http_utils::http_header_pragma = MHD_HTTP_HEADER_PRAGMA; ++const char* http_utils::http_header_proxy_authenticate = + MHD_HTTP_HEADER_PROXY_AUTHENTICATE; +-const std::string http_utils::http_header_proxy_authentication = ++const char* http_utils::http_header_proxy_authentication = + MHD_HTTP_HEADER_PROXY_AUTHORIZATION; +-const std::string http_utils::http_header_range = MHD_HTTP_HEADER_RANGE; +-const std::string http_utils::http_header_referer = MHD_HTTP_HEADER_REFERER; +-const std::string http_utils::http_header_retry_after = ++const char* http_utils::http_header_range = MHD_HTTP_HEADER_RANGE; ++const char* http_utils::http_header_referer = MHD_HTTP_HEADER_REFERER; ++const char* http_utils::http_header_retry_after = + MHD_HTTP_HEADER_RETRY_AFTER; +-const std::string http_utils::http_header_server = MHD_HTTP_HEADER_SERVER; +-const std::string http_utils::http_header_te = MHD_HTTP_HEADER_TE; +-const std::string http_utils::http_header_trailer = MHD_HTTP_HEADER_TRAILER; +-const std::string http_utils::http_header_transfer_encoding = ++const char* http_utils::http_header_server = MHD_HTTP_HEADER_SERVER; ++const char* http_utils::http_header_te = MHD_HTTP_HEADER_TE; ++const char* http_utils::http_header_trailer = MHD_HTTP_HEADER_TRAILER; ++const char* http_utils::http_header_transfer_encoding = + MHD_HTTP_HEADER_TRANSFER_ENCODING; +-const std::string http_utils::http_header_upgrade = MHD_HTTP_HEADER_UPGRADE; +-const std::string http_utils::http_header_user_agent = ++const char* http_utils::http_header_upgrade = MHD_HTTP_HEADER_UPGRADE; ++const char* http_utils::http_header_user_agent = + MHD_HTTP_HEADER_USER_AGENT; +-const std::string http_utils::http_header_vary = MHD_HTTP_HEADER_VARY; +-const std::string http_utils::http_header_via = MHD_HTTP_HEADER_VIA; +-const std::string http_utils::http_header_warning = MHD_HTTP_HEADER_WARNING; +-const std::string http_utils::http_header_www_authenticate = ++const char* http_utils::http_header_vary = MHD_HTTP_HEADER_VARY; ++const char* http_utils::http_header_via = MHD_HTTP_HEADER_VIA; ++const char* http_utils::http_header_warning = MHD_HTTP_HEADER_WARNING; ++const char* http_utils::http_header_www_authenticate = + MHD_HTTP_HEADER_WWW_AUTHENTICATE; + +-const std::string http_utils::http_version_1_0 = MHD_HTTP_VERSION_1_0; +-const std::string http_utils::http_version_1_1 = MHD_HTTP_VERSION_1_1; ++const char* http_utils::http_version_1_0 = MHD_HTTP_VERSION_1_0; ++const char* http_utils::http_version_1_1 = MHD_HTTP_VERSION_1_1; + +-const std::string http_utils::http_method_connect = MHD_HTTP_METHOD_CONNECT; +-const std::string http_utils::http_method_delete = MHD_HTTP_METHOD_DELETE; +-const std::string http_utils::http_method_get = MHD_HTTP_METHOD_GET; +-const std::string http_utils::http_method_head = MHD_HTTP_METHOD_HEAD; +-const std::string http_utils::http_method_options = MHD_HTTP_METHOD_OPTIONS; +-const std::string http_utils::http_method_post = MHD_HTTP_METHOD_POST; +-const std::string http_utils::http_method_put = MHD_HTTP_METHOD_PUT; +-const std::string http_utils::http_method_trace = MHD_HTTP_METHOD_TRACE; +-const std::string http_utils::http_method_patch = MHD_HTTP_METHOD_PATCH; ++const char* http_utils::http_method_connect = MHD_HTTP_METHOD_CONNECT; ++const char* http_utils::http_method_delete = MHD_HTTP_METHOD_DELETE; ++const char* http_utils::http_method_get = MHD_HTTP_METHOD_GET; ++const char* http_utils::http_method_head = MHD_HTTP_METHOD_HEAD; ++const char* http_utils::http_method_options = MHD_HTTP_METHOD_OPTIONS; ++const char* http_utils::http_method_post = MHD_HTTP_METHOD_POST; ++const char* http_utils::http_method_put = MHD_HTTP_METHOD_PUT; ++const char* http_utils::http_method_trace = MHD_HTTP_METHOD_TRACE; ++const char* http_utils::http_method_patch = MHD_HTTP_METHOD_PATCH; + +-const std::string http_utils::http_post_encoding_form_urlencoded = ++const char* http_utils::http_post_encoding_form_urlencoded = + MHD_HTTP_POST_ENCODING_FORM_URLENCODED; +-const std::string http_utils::http_post_encoding_multipart_formdata = ++const char* http_utils::http_post_encoding_multipart_formdata = + MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA; + +-const std::string http_utils::text_plain = "text/plain"; ++const char* http_utils::text_plain = "text/plain"; + + std::vector http_utils::tokenize_url( + const std::string& str, +diff --git src/httpserver/http_utils.hpp src/httpserver/http_utils.hpp +index e2aa033..5059e06 100644 +--- src/httpserver/http_utils.hpp ++++ src/httpserver/http_utils.hpp +@@ -189,71 +189,71 @@ class http_utils + static const int shoutcast_response; + + /* See also: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html */ +- static const std::string http_header_accept; +- static const std::string http_header_accept_charset; +- static const std::string http_header_accept_encoding; +- static const std::string http_header_accept_language; +- static const std::string http_header_accept_ranges; +- static const std::string http_header_age; +- static const std::string http_header_allow; +- static const std::string http_header_authorization; +- static const std::string http_header_cache_control; +- static const std::string http_header_connection; +- static const std::string http_header_content_encoding; +- static const std::string http_header_content_language; +- static const std::string http_header_content_length; +- static const std::string http_header_content_location; +- static const std::string http_header_content_md5; +- static const std::string http_header_content_range; +- static const std::string http_header_content_type; +- static const std::string http_header_date; +- static const std::string http_header_etag; +- static const std::string http_header_expect; +- static const std::string http_header_expires; +- static const std::string http_header_from; +- static const std::string http_header_host; +- static const std::string http_header_if_match; +- static const std::string http_header_if_modified_since; +- static const std::string http_header_if_none_match; +- static const std::string http_header_if_range; +- static const std::string http_header_if_unmodified_since; +- static const std::string http_header_last_modified; +- static const std::string http_header_location; +- static const std::string http_header_max_forwards; +- static const std::string http_header_pragma; +- static const std::string http_header_proxy_authenticate; +- static const std::string http_header_proxy_authentication; +- static const std::string http_header_range; +- static const std::string http_header_referer; +- static const std::string http_header_retry_after; +- static const std::string http_header_server; +- static const std::string http_header_te; +- static const std::string http_header_trailer; +- static const std::string http_header_transfer_encoding; +- static const std::string http_header_upgrade; +- static const std::string http_header_user_agent; +- static const std::string http_header_vary; +- static const std::string http_header_via; +- static const std::string http_header_warning; +- static const std::string http_header_www_authenticate; +- +- static const std::string http_version_1_0; +- static const std::string http_version_1_1; +- +- static const std::string http_method_connect; +- static const std::string http_method_delete; +- static const std::string http_method_head; +- static const std::string http_method_get; +- static const std::string http_method_options; +- static const std::string http_method_post; +- static const std::string http_method_put; +- static const std::string http_method_trace; +- static const std::string http_method_patch; +- +- static const std::string http_post_encoding_form_urlencoded; +- static const std::string http_post_encoding_multipart_formdata; +- +- static const std::string text_plain; ++ static const char* http_header_accept; ++ static const char* http_header_accept_charset; ++ static const char* http_header_accept_encoding; ++ static const char* http_header_accept_language; ++ static const char* http_header_accept_ranges; ++ static const char* http_header_age; ++ static const char* http_header_allow; ++ static const char* http_header_authorization; ++ static const char* http_header_cache_control; ++ static const char* http_header_connection; ++ static const char* http_header_content_encoding; ++ static const char* http_header_content_language; ++ static const char* http_header_content_length; ++ static const char* http_header_content_location; ++ static const char* http_header_content_md5; ++ static const char* http_header_content_range; ++ static const char* http_header_content_type; ++ static const char* http_header_date; ++ static const char* http_header_etag; ++ static const char* http_header_expect; ++ static const char* http_header_expires; ++ static const char* http_header_from; ++ static const char* http_header_host; ++ static const char* http_header_if_match; ++ static const char* http_header_if_modified_since; ++ static const char* http_header_if_none_match; ++ static const char* http_header_if_range; ++ static const char* http_header_if_unmodified_since; ++ static const char* http_header_last_modified; ++ static const char* http_header_location; ++ static const char* http_header_max_forwards; ++ static const char* http_header_pragma; ++ static const char* http_header_proxy_authenticate; ++ static const char* http_header_proxy_authentication; ++ static const char* http_header_range; ++ static const char* http_header_referer; ++ static const char* http_header_retry_after; ++ static const char* http_header_server; ++ static const char* http_header_te; ++ static const char* http_header_trailer; ++ static const char* http_header_transfer_encoding; ++ static const char* http_header_upgrade; ++ static const char* http_header_user_agent; ++ static const char* http_header_vary; ++ static const char* http_header_via; ++ static const char* http_header_warning; ++ static const char* http_header_www_authenticate; ++ ++ static const char* http_version_1_0; ++ static const char* http_version_1_1; ++ ++ static const char* http_method_connect; ++ static const char* http_method_delete; ++ static const char* http_method_head; ++ static const char* http_method_get; ++ static const char* http_method_options; ++ static const char* http_method_post; ++ static const char* http_method_put; ++ static const char* http_method_trace; ++ static const char* http_method_patch; ++ ++ static const char* http_post_encoding_form_urlencoded; ++ static const char* http_post_encoding_multipart_formdata; ++ ++ static const char* text_plain; + + static std::vector tokenize_url(const std::string&, + const char separator = '/' +diff --git src/webserver.cpp src/webserver.cpp +index 96e53b5..a7be951 100644 +--- src/webserver.cpp ++++ src/webserver.cpp +@@ -537,22 +537,22 @@ MHD_Result webserver::requests_answer_first_step( + const char *encoding = MHD_lookup_connection_value ( + connection, + MHD_HEADER_KIND, +- http_utils::http_header_content_type.c_str() ++ http_utils::http_header_content_type + ); + + if ( post_process_enabled && + ( + 0x0 != encoding && + ((0 == strncasecmp ( +- http_utils::http_post_encoding_form_urlencoded.c_str(), ++ http_utils::http_post_encoding_form_urlencoded, + encoding, +- http_utils::http_post_encoding_form_urlencoded.size() ++ strlen(http_utils::http_post_encoding_form_urlencoded) + ) + ) + || (0 == strncasecmp ( +- http_utils::http_post_encoding_multipart_formdata.c_str(), ++ http_utils::http_post_encoding_multipart_formdata, + encoding, +- http_utils::http_post_encoding_multipart_formdata.size() ++ strlen(http_utils::http_post_encoding_multipart_formdata) + ))) + ) + ) +@@ -803,43 +803,43 @@ MHD_Result webserver::answer_to_connection(void* cls, MHD_Connection* connection + *(mr->complete_uri) + " METHOD: " + method + ); + +- if( 0 == strcasecmp(method, http_utils::http_method_get.c_str())) ++ if( 0 == strcasecmp(method, http_utils::http_method_get)) + { + mr->callback = &http_resource::render_GET; + } +- else if (0 == strcmp(method, http_utils::http_method_post.c_str())) ++ else if (0 == strcmp(method, http_utils::http_method_post)) + { + mr->callback = &http_resource::render_POST; + mr->has_body = true; + } +- else if (0 == strcasecmp(method, http_utils::http_method_put.c_str())) ++ else if (0 == strcasecmp(method, http_utils::http_method_put)) + { + mr->callback = &http_resource::render_PUT; + mr->has_body = true; + } +- else if (0 == strcasecmp(method,http_utils::http_method_delete.c_str())) ++ else if (0 == strcasecmp(method,http_utils::http_method_delete)) + { + mr->callback = &http_resource::render_DELETE; + mr->has_body = true; + } +- else if (0 == strcasecmp(method, http_utils::http_method_patch.c_str())) ++ else if (0 == strcasecmp(method, http_utils::http_method_patch)) + { + mr->callback = &http_resource::render_PATCH; + mr->has_body = true; + } +- else if (0 == strcasecmp(method, http_utils::http_method_head.c_str())) ++ else if (0 == strcasecmp(method, http_utils::http_method_head)) + { + mr->callback = &http_resource::render_HEAD; + } +- else if (0 ==strcasecmp(method,http_utils::http_method_connect.c_str())) ++ else if (0 ==strcasecmp(method,http_utils::http_method_connect)) + { + mr->callback = &http_resource::render_CONNECT; + } +- else if (0 == strcasecmp(method, http_utils::http_method_trace.c_str())) ++ else if (0 == strcasecmp(method, http_utils::http_method_trace)) + { + mr->callback = &http_resource::render_TRACE; + } +- else if (0 ==strcasecmp(method,http_utils::http_method_options.c_str())) ++ else if (0 ==strcasecmp(method,http_utils::http_method_options)) + { + mr->callback = &http_resource::render_OPTIONS; + } From a31f58fc3b8162a0b76bd64b2d56d67a94c5658a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jaramago=20Fern=C3=A1ndez?= Date: Thu, 30 Nov 2023 09:20:02 +0100 Subject: [PATCH 4/5] Add escaped URL tokenization to 'libhttpserver' Previously 'libhttpserver' only exposed method 'get_path_pieces()', this method makes use of the internal 'standardized_url' for tokenizing the URL. This method has the limitation of performing the escaping prior to the tokenization of elements, incurring into improper tokenization. The new introduced function 'get_url_pieces()' corrects this behavior. --- deps/Makefile | 1 + deps/libhttpserver/expose_raw_url.patch | 109 ++++++++++++++++++++++++ 2 files changed, 110 insertions(+) create mode 100644 deps/libhttpserver/expose_raw_url.patch diff --git a/deps/Makefile b/deps/Makefile index fdf78dd6d1..1d9d5ab8f1 100644 --- a/deps/Makefile +++ b/deps/Makefile @@ -116,6 +116,7 @@ libhttpserver/libhttpserver/build/src/.libs/libhttpserver.a: libmicrohttpd/libmi #endif cd libhttpserver/libhttpserver && patch -p1 < ../final_val_post_process.patch cd libhttpserver/libhttpserver && patch -p1 < ../empty_uri_log_crash.patch + cd libhttpserver/libhttpserver && patch -p0 < ../expose_raw_url.patch cd libhttpserver/libhttpserver && patch -p0 < ../replace_static_global_strings.patch ifeq ($(UNAME_S),FreeBSD) sed -i -e 's/\/bin\/bash/\/usr\/local\/bin\/bash/' libhttpserver/libhttpserver/bootstrap diff --git a/deps/libhttpserver/expose_raw_url.patch b/deps/libhttpserver/expose_raw_url.patch new file mode 100644 index 0000000000..6be22c1e68 --- /dev/null +++ b/deps/libhttpserver/expose_raw_url.patch @@ -0,0 +1,109 @@ +diff --git src/httpserver/details/modded_request.hpp src/httpserver/details/modded_request.hpp +index 1ebe5b1..32d4154 100644 +--- src/httpserver/details/modded_request.hpp ++++ src/httpserver/details/modded_request.hpp +@@ -38,6 +38,7 @@ struct modded_request + struct MHD_PostProcessor *pp = 0x0; + std::string* complete_uri = 0x0; + std::string* standardized_url = 0x0; ++ std::string* url = 0x0; + webserver* ws = 0x0; + + const std::shared_ptr (httpserver::http_resource::*callback)(const httpserver::http_request&); +@@ -65,6 +66,9 @@ struct modded_request + delete dhr; //TODO: verify. It could be an error + delete complete_uri; + delete standardized_url; ++ if (url) { ++ delete url; ++ } + } + + }; +diff --git src/httpserver/http_request.hpp src/httpserver/http_request.hpp +index 0b83fa2..419585d 100644 +--- src/httpserver/http_request.hpp ++++ src/httpserver/http_request.hpp +@@ -77,6 +77,15 @@ class http_request + return path; + } + ++ /** ++ * Method used to get the path requested ++ * @return string representing the path requested. ++ **/ ++ const std::string& get_url() const ++ { ++ return url; ++ } ++ + /** + * Method used to get all pieces of the path requested; considering an url splitted by '/'. + * @return a vector of strings containing all pieces +@@ -86,6 +95,22 @@ class http_request + return http::http_utils::tokenize_url(path); + } + ++ /** ++ * Method used to get all pieces of the path requested; considering an url splitted by '/'. ++ * @return a vector of strings containing all pieces ++ **/ ++ const std::vector get_url_pieces() const ++ { ++ const std::vector url_pieces { http::http_utils::tokenize_url(url) }; ++ std::vector dec_pieces { url_pieces }; ++ ++ for (std::string& p : dec_pieces) { ++ http::base_unescaper(p, nullptr); ++ } ++ ++ return dec_pieces; ++ } ++ + /** + * Method used to obtain a specified piece of the path; considering an url splitted by '/'. + * @param index the index of the piece selected +@@ -233,6 +258,7 @@ class http_request + http_request& operator=(http_request&& b) = default; + + std::string path; ++ std::string url; + std::string method; + std::map args; + std::string content = ""; +@@ -317,6 +343,15 @@ class http_request + this->path = path; + } + ++ /** ++ * Sets the raw (unescaped) URL path. Used for 'get_pieces()' ++ * @param url The path searched by the request ++ **/ ++ void set_url(const std::string& url) ++ { ++ this->url = url; ++ } ++ + /** + * Method used to set the request METHOD + * @param method The method to set for the request +diff --git src/webserver.cpp src/webserver.cpp +index e7dd335..96e53b5 100644 +--- src/webserver.cpp ++++ src/webserver.cpp +@@ -750,6 +750,7 @@ MHD_Result webserver::complete_request( + mr->ws = this; + + mr->dhr->set_path(mr->standardized_url->c_str()); ++ mr->dhr->set_url(mr->url->c_str()); + mr->dhr->set_method(method); + mr->dhr->set_version(version); + +@@ -793,6 +794,7 @@ MHD_Result webserver::answer_to_connection(void* cls, MHD_Connection* connection + + base_unescaper(t_url, static_cast(cls)->unescaper); + mr->standardized_url = new string(http_utils::standardize_url(t_url)); ++ mr->url = new string(url); + + mr->has_body = false; + From c2d58b3ab453e39d01fc5ffadb44b33f238c8323 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jaramago=20Fern=C3=A1ndez?= Date: Thu, 30 Nov 2023 09:26:38 +0100 Subject: [PATCH 5/5] Disable 'examples' compilation for 'libhttpserver' --- deps/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deps/Makefile b/deps/Makefile index 1d9d5ab8f1..94b2e7627e 100644 --- a/deps/Makefile +++ b/deps/Makefile @@ -122,7 +122,7 @@ ifeq ($(UNAME_S),FreeBSD) sed -i -e 's/\/bin\/bash/\/usr\/local\/bin\/bash/' libhttpserver/libhttpserver/bootstrap endif cd libhttpserver/libhttpserver && ./bootstrap && mkdir build - cd libhttpserver/libhttpserver/build && LDFLAGS=-L$(shell pwd)/libmicrohttpd/libmicrohttpd/src/microhttpd/.libs/ CPPFLAGS=-I$(shell pwd)/libmicrohttpd/libmicrohttpd/src/include ../configure --disable-doxygen-doc --disable-doxygen-dot --disable-doxygen-man --disable-doxygen-html --enable-fastopen=false + cd libhttpserver/libhttpserver/build && LDFLAGS=-L$(shell pwd)/libmicrohttpd/libmicrohttpd/src/microhttpd/.libs/ CPPFLAGS=-I$(shell pwd)/libmicrohttpd/libmicrohttpd/src/include ../configure --disable-doxygen-doc --disable-doxygen-dot --disable-doxygen-man --disable-doxygen-html --enable-fastopen=false --disable-examples cd libhttpserver/libhttpserver/build && CC=${CC} CXX=${CXX} ${MAKE} libhttpserver: libhttpserver/libhttpserver/build/src/.libs/libhttpserver.a