From 0ab65593e21482c53ece36aa954204d7b202d351 Mon Sep 17 00:00:00 2001 From: Omar Polo Date: Thu, 21 Jan 2021 08:26:21 +0000 Subject: [PATCH] don't crash on wrong vhost or missing SNI the new logging code was crashing if the client didn't support SNI or if required an unknown vhost: this because we short-circuit in handle_handshake to an error, so c->iri isn't populated yet (we don't even read the request). fixes #1 --- gmid.c | 22 +++++++++++++--------- server.c | 5 +++++ 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/gmid.c b/gmid.c index e9cccf0..510d71f 100644 --- a/gmid.c +++ b/gmid.c @@ -119,15 +119,19 @@ log_request(struct client *c, char *meta, size_t l) if (ec != 0) fatal("getnameinfo: %s", gai_strerror(ec)); - /* serialize the IRI */ - strlcpy(b, c->iri.schema, sizeof(b)); - strlcat(b, "://", sizeof(b)); - strlcat(b, c->iri.host, sizeof(b)); - strlcat(b, "/", sizeof(b)); - strlcat(b, c->iri.path, sizeof(b)); /* TODO: sanitize UTF8 */ - if (*c->iri.query != '\0') { /* TODO: sanitize UTF8 */ - strlcat(b, "?", sizeof(b)); - strlcat(b, c->iri.query, sizeof(b)); + if (c->iri.schema != NULL) { + /* serialize the IRI */ + strlcpy(b, c->iri.schema, sizeof(b)); + strlcat(b, "://", sizeof(b)); + strlcat(b, c->iri.host, sizeof(b)); + strlcat(b, "/", sizeof(b)); + strlcat(b, c->iri.path, sizeof(b)); /* TODO: sanitize UTF8 */ + if (*c->iri.query != '\0') { /* TODO: sanitize UTF8 */ + strlcat(b, "?", sizeof(b)); + strlcat(b, c->iri.query, sizeof(b)); + } + } else { + strlcpy(b, c->req, sizeof(b)); } if ((t = gmid_strnchr(meta, '\r', l)) == NULL) diff --git a/server.c b/server.c index 728a679..50329cf 100644 --- a/server.c +++ b/server.c @@ -196,6 +196,11 @@ handle_handshake(struct pollfd *fds, struct client *c) } hostnotfound: + if (servname != NULL) + strncpy(c->req, servname, sizeof(c->req)); + else + strncpy(c->req, "null", sizeof(c->req)); + /* XXX: check the correct response */ if (!start_reply(fds, c, BAD_REQUEST, "Wrong host or missing SNI")) return;