File Coverage

lib/Plack/Handler/picohttpparser/picohttpparser.c

Criterion	Covered	Total	%
statement	84	217	38.7
branch	88	248	35.4
condition			n/a
subroutine			n/a
pod			n/a
total	172	465	36.9

line	stmt	bran	code
1			/*
2			* Copyright (c) 2009-2014 Kazuho Oku, Tokuhiro Matsuno, Daisuke Murase,
3			* Shigeo Mitsunari
4			*
5			* The software is licensed under either the MIT License (below) or the Perl
6			* license.
7			*
8			* Permission is hereby granted, free of charge, to any person obtaining a copy
9			* of this software and associated documentation files (the "Software"), to
10			* deal in the Software without restriction, including without limitation the
11			* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
12			* sell copies of the Software, and to permit persons to whom the Software is
13			* furnished to do so, subject to the following conditions:
14			*
15			* The above copyright notice and this permission notice shall be included in
16			* all copies or substantial portions of the Software.
17			*
18			* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19			* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20			* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21			* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22			* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
23			* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24			* IN THE SOFTWARE.
25			*/
26
27			#include
28			#include
29			#include
30			#ifdef __SSE4_2__
31			# ifdef _MSC_VER
32			# include
33			# else
34			# include
35			# endif
36			#endif
37			#include "picohttpparser.h"
38
39			/* $Id: b6ad4bc0aab735da6f932bf26bcef58961364b4a $ */
40
41			#if __GNUC__ >= 3
42			# define likely(x) __builtin_expect(!!(x), 1)
43			# define unlikely(x) __builtin_expect(!!(x), 0)
44			#else
45			# define likely(x) (x)
46			# define unlikely(x) (x)
47			#endif
48
49			#ifdef _MSC_VER
50			# define ALIGNED(n) _declspec(align(n))
51			#else
52			# define ALIGNED(n) __attribute__((aligned(n)))
53			#endif
54
55			#define IS_PRINTABLE_ASCII(c) ((unsigned char)(c) - 040u < 0137u)
56
57			#define CHECK_EOF() \
58			if (buf == buf_end) { \
59			*ret = -2; \
60			return NULL; \
61			}
62
63			#define EXPECT_CHAR(ch) \
64			CHECK_EOF(); \
65			if (*buf++ != ch) { \
66			*ret = -1; \
67			return NULL; \
68			}
69
70			#define ADVANCE_TOKEN(tok, toklen) do { \
71			const char* tok_start = buf; \
72			static const char ALIGNED(16) ranges2[] = "\000\040\177\177"; \
73			int found2; \
74			buf = findchar_fast(buf, buf_end, ranges2, sizeof(ranges2) - 1, &found2); \
75			if (! found2) { \
76			CHECK_EOF(); \
77			} \
78			while (1) { \
79			if (*buf == ' ') { \
80			break; \
81			} else if (unlikely(! IS_PRINTABLE_ASCII(*buf))) { \
82			if ((unsigned char)buf < '\040' \|\| buf == '\177') { \
83			*ret = -1; \
84			return NULL; \
85			} \
86			} \
87			++buf; \
88			CHECK_EOF(); \
89			} \
90			tok = tok_start; \
91			toklen = buf - tok_start; \
92			} while (0)
93
94			static const char* token_char_map =
95			"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
96			"\0\1\1\1\1\1\1\1\0\0\1\1\0\1\1\0\1\1\1\1\1\1\1\1\1\1\0\0\0\0\0\0"
97			"\0\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\0\0\0\1\1"
98			"\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\0\1\0\1\0"
99			"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
100			"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
101			"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
102			"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
103
104			static const char* findchar_fast(const char* buf, const char* buf_end, const char ranges, size_t ranges_size, int found)
105			{
106			*found = 0;
107			#if __SSE4_2__
108			if (likely(buf_end - buf >= 16)) {
109			__m128i ranges16 = _mm_loadu_si128((const __m128i*)ranges);
110
111			size_t left = (buf_end - buf) & ~15;
112			do {
113			__m128i b16 = _mm_loadu_si128((void*)buf);
114			int r = _mm_cmpestri(ranges16, ranges_size, b16, 16, _SIDD_LEAST_SIGNIFICANT \| _SIDD_CMP_RANGES \| _SIDD_UBYTE_OPS);
115			if (unlikely(r != 16)) {
116			buf += r;
117			*found = 1;
118			break;
119			}
120			buf += 16;
121			left -= 16;
122			} while (likely(left != 0));
123			}
124			#endif
125			return buf;
126			}
127
128	525		static const char* get_token_to_eol(const char* buf, const char* buf_end,
129			const char** token, size_t* token_len,
130			int* ret)
131			{
132			const char* token_start = buf;
133
134			#ifdef __SSE4_2__
135			static const char ranges1[] =
136			"\0\010"
137			/* allow HT */
138			"\012\037"
139			/* allow SP and up to but not including DEL */
140			"\177\177"
141			/* allow chars w. MSB set */
142			;
143			int found;
144			buf = findchar_fast(buf, buf_end, ranges1, sizeof(ranges1) - 1, &found);
145			if (found)
146			goto FOUND_CTL;
147			#else
148			/* find non-printable char within the next 8 bytes, this is the hottest code; manually inlined */
149	870	100	while (likely(buf_end - buf >= 8)) {
150			#define DOIT() if (unlikely(! IS_PRINTABLE_ASCII(*buf))) goto NonPrintable; ++buf
151	830	100	DOIT(); DOIT(); DOIT(); DOIT();
		100
		100
		100
152	630	100	DOIT(); DOIT(); DOIT(); DOIT();
		100
		50
		100
153			#undef DOIT
154	345		continue;
155			NonPrintable:
156	485	50	if ((likely((unsigned char)buf < '\040') && likely(buf != '\011')) \|\| unlikely(*buf == '\177')) {
		50
		0
157			goto FOUND_CTL;
158			}
159	345		++buf;
160			}
161			#endif
162	69		for (; ; ++buf) {
163	109	50	CHECK_EOF();
164	109	100	if (unlikely(! IS_PRINTABLE_ASCII(*buf))) {
165	40	50	if ((likely((unsigned char)buf < '\040') && likely(buf != '\011')) \|\| unlikely(*buf == '\177')) {
		50
		0
166			goto FOUND_CTL;
167			}
168			}
169	69		}
170			FOUND_CTL:
171	525	50	if (likely(*buf == '\015')) {
172	525		++buf;
173	525	50	EXPECT_CHAR('\012');
		50
174	525		*token_len = buf - 2 - token_start;
175	0	0	} else if (*buf == '\012') {
176	0		*token_len = buf - token_start;
177	0		++buf;
178			} else {
179	0		*ret = -1;
180	0		return NULL;
181			}
182	525		*token = token_start;
183
184	525		return buf;
185			}
186
187	0		static const char* is_complete(const char* buf, const char* buf_end,
188			size_t last_len, int* ret)
189			{
190			int ret_cnt = 0;
191	0	0	buf = last_len < 3 ? buf : buf + last_len - 3;
192
193			while (1) {
194	0	0	CHECK_EOF();
195	0	0	if (*buf == '\015') {
196	0		++buf;
197	0	0	CHECK_EOF();
198	0	0	EXPECT_CHAR('\012');
		0
199	0		++ret_cnt;
200	0	0	} else if (*buf == '\012') {
201	0		++buf;
202	0		++ret_cnt;
203			} else {
204	0		++buf;
205			ret_cnt = 0;
206			}
207	0	0	if (ret_cnt == 2) {
208			return buf;
209			}
210			}
211
212			*ret = -2;
213			return NULL;
214			}
215
216			/* _buf is always within [buf, buf_end) upon success /
217			static const char* parse_int(const char* buf, const char* buf_end, int* value,
218			int* ret)
219			{
220			int v;
221	151	0	CHECK_EOF();
		50
222	151	0	if (! ('0' <= buf && buf <= '9')) {
		50
223	0		*ret = -1;
224			return NULL;
225			}
226			v = 0;
227	151		for (; ; ++buf) {
228	302	0	CHECK_EOF();
		50
229	302	0	if ('0' <= buf && buf <= '9') {
		100
230	151		v = v * 10 + *buf - '0';
231			} else {
232			break;
233			}
234			}
235
236	151		*value = v;
237			return buf;
238			}
239
240			/* returned pointer is always within [buf, buf_end), or null */
241	151		static const char* parse_http_version(const char* buf, const char* buf_end,
242			int* minor_version, int* ret)
243			{
244	151	50	EXPECT_CHAR('H'); EXPECT_CHAR('T'); EXPECT_CHAR('T'); EXPECT_CHAR('P');
		50
		50
		50
		50
		50
		50
		50
245	151	50	EXPECT_CHAR('/'); EXPECT_CHAR('1'); EXPECT_CHAR('.');
		50
		50
		50
		50
		50
246	151		return parse_int(buf, buf_end, minor_version, ret);
247			}
248
249	302		static const char* parse_headers(const char* buf, const char* buf_end,
250			struct phr_header* headers,
251			size_t* num_headers, size_t max_headers,
252			int* ret)
253			{
254	525		for (; ; ++*num_headers) {
255	676	50	CHECK_EOF();
256	676	100	if (*buf == '\015') {
257	150		++buf;
258	150	50	EXPECT_CHAR('\012');
		50
259			break;
260	526	50	} else if (*buf == '\012') {
261	0		++buf;
262	0		break;
263			}
264	526	100	if (*num_headers == max_headers) {
265	1		*ret = -1;
266	1		return NULL;
267			}
268	525	100	if (! (num_headers != 0 && (buf == ' ' \|\| *buf == '\t'))) {
		100
269	523	50	if (! token_char_map[(unsigned char)*buf]) {
270	0		*ret = -1;
271	0		return NULL;
272			}
273			/* parsing name, but do not discard SP before colon, see
274			* http://www.mozilla.org/security/announce/2006/mfsa2006-33.html */
275	523		headers[*num_headers].name = buf;
276			static const char ALIGNED(16) ranges1[] = "::\x00\037";
277			int found;
278			buf = findchar_fast(buf, buf_end, ranges1, sizeof(ranges1) - 1, &found);
279			if (! found) {
280	523	50	CHECK_EOF();
281			}
282			while (1) {
283	6210	100	if (*buf == ':') {
284			break;
285	5687	50	} else if (*buf < ' ') {
286	0		*ret = -1;
287	0		return NULL;
288			}
289	5687		++buf;
290	5687	50	CHECK_EOF();
291			}
292	523		headers[num_headers].name_len = buf - headers[num_headers].name;
293	523		++buf;
294	523		for (; ; ++buf) {
295	1046	50	CHECK_EOF();
296	1046	100	if (! (buf == ' ' \|\| buf == '\t')) {
297			break;
298			}
299	523		}
300			} else {
301	2		headers[*num_headers].name = NULL;
302	2		headers[*num_headers].name_len = 0;
303			}
304	525	50	if ((buf = get_token_to_eol(buf, buf_end, &headers[*num_headers].value,
305	525		&headers[*num_headers].value_len, ret))
306			== NULL) {
307			return NULL;
308			}
309	525		}
310			return buf;
311			}
312
313	151		static const char* parse_request(const char* buf, const char* buf_end,
314			const char** method, size_t* method_len,
315			const char** path, size_t* path_len,
316			int* minor_version, struct phr_header* headers,
317			size_t* num_headers, size_t max_headers,
318			int* ret)
319			{
320			/* skip first empty line (some clients add CRLF after POST content) */
321	151	50	CHECK_EOF();
322	151	50	if (*buf == '\015') {
323	0		++buf;
324	0	0	EXPECT_CHAR('\012');
		0
325	151	50	} else if (*buf == '\012') {
326	0		++buf;
327			}
328
329			/* parse request line */
330	616	50	ADVANCE_TOKEN(method, method_len);
		100
		50
		0
		50
331	151		++buf;
332	951	50	ADVANCE_TOKEN(path, path_len);
		100
		50
		0
		50
333	151		++buf;
334	151	50	if ((buf = parse_http_version(buf, buf_end, minor_version, ret)) == NULL) {
335			return NULL;
336			}
337	151	50	if (*buf == '\015') {
338	151		++buf;
339	151	50	EXPECT_CHAR('\012');
		50
340	0	0	} else if (*buf == '\012') {
341	0		++buf;
342			} else {
343	0		*ret = -1;
344	0		return NULL;
345			}
346
347	151		return parse_headers(buf, buf_end, headers, num_headers, max_headers, ret);
348			}
349
350	151		int phr_parse_request(const char* buf_start, size_t len, const char** method,
351			size_t* method_len, const char** path, size_t* path_len,
352			int* minor_version, struct phr_header* headers,
353			size_t* num_headers, size_t last_len)
354			{
355	151		const char * buf = buf_start, * buf_end = buf_start + len;
356	151		size_t max_headers = *num_headers;
357			int r;
358
359	151		*method = NULL;
360	151		*method_len = 0;
361	151		*path = NULL;
362	151		*path_len = 0;
363	151		*minor_version = -1;
364	151		*num_headers = 0;
365
366			/* if last_len != 0, check if the request is complete (a fast countermeasure
367			againt slowloris */
368	151	50	if (last_len != 0 && is_complete(buf, buf_end, last_len, &r) == NULL) {
		0
369	0		return r;
370			}
371
372	151	100	if ((buf = parse_request(buf, buf_end, method, method_len, path, path_len,
373			minor_version, headers, num_headers, max_headers,
374			&r))
375			== NULL) {
376	1		return r;
377			}
378
379	150		return (int)(buf - buf_start);
380			}
381
382	0		static const char* parse_response(const char* buf, const char* buf_end,
383			int* minor_version, int* status,
384			const char** msg, size_t* msg_len,
385			struct phr_header* headers,
386			size_t* num_headers, size_t max_headers,
387			int* ret)
388			{
389			/* parse "HTTP/1.x" */
390	0	0	if ((buf = parse_http_version(buf, buf_end, minor_version, ret)) == NULL) {
391			return NULL;
392			}
393			/* skip space */
394	0	0	if (*buf++ != ' ') {
395	0		*ret = -1;
396	0		return NULL;
397			}
398			/* parse status code */
399	0	0	if ((buf = parse_int(buf, buf_end, status, ret)) == NULL) {
400			return NULL;
401			}
402			/* skip space */
403	0	0	if (*buf++ != ' ') {
404	0		*ret = -1;
405	0		return NULL;
406			}
407			/* get message */
408	0	0	if ((buf = get_token_to_eol(buf, buf_end, msg, msg_len, ret)) == NULL) {
409			return NULL;
410			}
411
412	0		return parse_headers(buf, buf_end, headers, num_headers, max_headers, ret);
413			}
414
415	0		int phr_parse_response(const char* buf_start, size_t len, int* minor_version,
416			int* status, const char** msg, size_t* msg_len,
417			struct phr_header* headers, size_t* num_headers,
418			size_t last_len)
419			{
420	0		const char * buf = buf_start, * buf_end = buf + len;
421	0		size_t max_headers = *num_headers;
422			int r;
423
424	0		*minor_version = -1;
425	0		*status = 0;
426	0		*msg = NULL;
427	0		*msg_len = 0;
428	0		*num_headers = 0;
429
430			/* if last_len != 0, check if the response is complete (a fast countermeasure
431			against slowloris */
432	0	0	if (last_len != 0 && is_complete(buf, buf_end, last_len, &r) == NULL) {
		0
433	0		return r;
434			}
435
436	0	0	if ((buf = parse_response(buf, buf_end, minor_version, status, msg, msg_len,
437			headers, num_headers, max_headers, &r))
438			== NULL) {
439	0		return r;
440			}
441
442	0		return (int)(buf - buf_start);
443			}
444
445	0		int phr_parse_headers(const char* buf_start, size_t len,
446			struct phr_header* headers, size_t* num_headers,
447			size_t last_len)
448			{
449	0		const char* buf = buf_start, * buf_end = buf + len;
450	0		size_t max_headers = *num_headers;
451			int r;
452
453	0		*num_headers = 0;
454
455			/* if last_len != 0, check if the response is complete (a fast countermeasure
456			against slowloris */
457	0	0	if (last_len != 0 && is_complete(buf, buf_end, last_len, &r) == NULL) {
		0
458	0		return r;
459			}
460
461	0	0	if ((buf = parse_headers(buf, buf_end, headers, num_headers, max_headers, &r))
462			== NULL) {
463	0		return r;
464			}
465
466	0		return (int)(buf - buf_start);
467			}
468
469			enum {
470			CHUNKED_IN_CHUNK_SIZE,
471			CHUNKED_IN_CHUNK_EXT,
472			CHUNKED_IN_CHUNK_DATA,
473			CHUNKED_IN_CHUNK_CRLF,
474			CHUNKED_IN_TRAILERS_LINE_HEAD,
475			CHUNKED_IN_TRAILERS_LINE_MIDDLE
476			};
477
478			static int decode_hex(int ch)
479			{
480	0	0	if ('0' <= ch && ch <= '9') {
481			return ch - '0';
482	0	0	} else if ('A' <= ch && ch <= 'F') {
483	0		return ch - 'A' + 0xa;
484	0	0	} else if ('a' <= ch && ch <= 'f') {
485	0		return ch - 'a' + 0xa;
486			} else {
487			return -1;
488			}
489			}
490
491	0		ssize_t phr_decode_chunked(struct phr_chunked_decoder decoder, char buf,
492			size_t *_bufsz)
493			{
494	0		size_t dst = 0, src = 0, bufsz = *_bufsz;
495			ssize_t ret = -2; /* incomplete */
496
497			while (1) {
498	0		switch (decoder->_state) {
499			case CHUNKED_IN_CHUNK_SIZE:
500	0		for (; ; ++src) {
501			int v;
502	0	0	if (src == bufsz)
503			goto Exit;
504	0	0	if ((v = decode_hex(buf[src])) == -1) {
505	0	0	if (decoder->_hex_count == 0) {
506			ret = -1;
507			goto Exit;
508			}
509			break;
510			}
511	0	0	if (decoder->_hex_count == sizeof(size_t) * 2) {
512			ret = -1;
513			goto Exit;
514			}
515	0		decoder->bytes_left_in_chunk = decoder->bytes_left_in_chunk * 16 + v;
516	0		++decoder->_hex_count;
517	0		}
518	0		decoder->_hex_count = 0;
519	0		decoder->_state = CHUNKED_IN_CHUNK_EXT;
520			/* fallthru */
521			case CHUNKED_IN_CHUNK_EXT:
522			/* RFC 7230 A.2 "Line folding in chunk extensions is disallowed" */
523	0		for (; ; ++src) {
524	0	0	if (src == bufsz)
525			goto Exit;
526	0	0	if (buf[src] == '\012')
527			break;
528	0		}
529	0		++src;
530	0	0	if (decoder->bytes_left_in_chunk == 0) {
531	0	0	if (decoder->consume_trailer) {
532	0		decoder->_state = CHUNKED_IN_TRAILERS_LINE_HEAD;
533	0		break;
534			} else {
535			goto Complete;
536			}
537			}
538	0		decoder->_state = CHUNKED_IN_CHUNK_DATA;
539			/* fallthru */
540			case CHUNKED_IN_CHUNK_DATA:
541			{
542	0		size_t avail = bufsz - src;
543	0	0	if (avail < decoder->bytes_left_in_chunk) {
544	0	0	if (dst != src)
545	0		memmove(buf + dst, buf + src, avail);
546			src += avail;
547	0		dst += avail;
548	0		decoder->bytes_left_in_chunk -= avail;
549	0		goto Exit;
550			}
551	0	0	if (dst != src)
552	0		memmove(buf + dst, buf + src, decoder->bytes_left_in_chunk);
553	0		src += decoder->bytes_left_in_chunk;
554	0		dst += decoder->bytes_left_in_chunk;
555	0		decoder->bytes_left_in_chunk = 0;
556	0		decoder->_state = CHUNKED_IN_CHUNK_CRLF;
557			}
558			/* fallthru */
559			case CHUNKED_IN_CHUNK_CRLF:
560	0		for (; ; ++src) {
561	0	0	if (src == bufsz)
562			goto Exit;
563	0	0	if (buf[src] != '\015')
564			break;
565	0		}
566	0	0	if (buf[src] != '\012') {
567			ret = -1;
568			goto Exit;
569			}
570	0		++src;
571	0		decoder->_state = CHUNKED_IN_CHUNK_SIZE;
572	0		break;
573			case CHUNKED_IN_TRAILERS_LINE_HEAD:
574	0		for (; ; ++src) {
575	0	0	if (src == bufsz)
576			goto Exit;
577	0	0	if (buf[src] != '\015')
578			break;
579	0		}
580	0	0	if (buf[src++] == '\012')
581			goto Complete;
582	0		decoder->_state = CHUNKED_IN_TRAILERS_LINE_MIDDLE;
583			/* fallthru */
584			case CHUNKED_IN_TRAILERS_LINE_MIDDLE:
585	0		for (; ; ++src) {
586	0	0	if (src == bufsz)
587			goto Exit;
588	0	0	if (buf[src] == '\012')
589			break;
590	0		}
591	0		++src;
592	0		decoder->_state = CHUNKED_IN_TRAILERS_LINE_HEAD;
593	0		break;
594			default:
595			assert(!"decoder is corrupt");
596			}
597			}
598
599			Complete:
600	0		ret = bufsz - src;
601			Exit:
602	0	0	if (dst != src)
603	0		memmove(buf + dst, buf + src, bufsz - src);
604	0		*_bufsz = dst;
605	0		return ret;
606			}
607
608			#undef CHECK_EOF
609			#undef EXPECT_CHAR
610			#undef ADVANCE_TOKEN