PHP  
 PHP: Test and Code Coverage Analysis
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

LCOV - code coverage report
Current view: top level - sapi/cli - php_http_parser.c (source / functions) Hit Total Coverage
Test: PHP Code Coverage Lines: 0 699 0.0 %
Date: 2015-08-25 Functions: 0 4 0.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /* Copyright 2009,2010 Ryan Dahl <ry@tinyclouds.org>
       2             :  *
       3             :  * Permission is hereby granted, free of charge, to any person obtaining a copy
       4             :  * of this software and associated documentation files (the "Software"), to
       5             :  * deal in the Software without restriction, including without limitation the
       6             :  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
       7             :  * sell copies of the Software, and to permit persons to whom the Software is
       8             :  * furnished to do so, subject to the following conditions:
       9             :  *
      10             :  * The above copyright notice and this permission notice shall be included in
      11             :  * all copies or substantial portions of the Software.
      12             :  *
      13             :  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
      14             :  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
      15             :  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
      16             :  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
      17             :  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
      18             :  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
      19             :  * IN THE SOFTWARE.
      20             :  */
      21             : #include <assert.h>
      22             : #include <stddef.h>
      23             : #include "php_http_parser.h"
      24             : 
      25             : 
      26             : #ifndef MIN
      27             : # define MIN(a,b) ((a) < (b) ? (a) : (b))
      28             : #endif
      29             : 
      30             : 
      31             : #define CALLBACK2(FOR)                                               \
      32             : do {                                                                 \
      33             :   if (settings->on_##FOR) {                                          \
      34             :     if (0 != settings->on_##FOR(parser)) return (p - data);          \
      35             :   }                                                                  \
      36             : } while (0)
      37             : 
      38             : 
      39             : #define MARK(FOR)                                                    \
      40             : do {                                                                 \
      41             :   FOR##_mark = p;                                                    \
      42             : } while (0)
      43             : 
      44             : #define CALLBACK_NOCLEAR(FOR)                                        \
      45             : do {                                                                 \
      46             :   if (FOR##_mark) {                                                  \
      47             :     if (settings->on_##FOR) {                                        \
      48             :       if (0 != settings->on_##FOR(parser,                            \
      49             :                                  FOR##_mark,                         \
      50             :                                  p - FOR##_mark))                    \
      51             :       {                                                              \
      52             :         return (p - data);                                           \
      53             :       }                                                              \
      54             :     }                                                                \
      55             :   }                                                                  \
      56             : } while (0)
      57             : 
      58             : #ifdef PHP_WIN32
      59             : # undef CALLBACK
      60             : #endif
      61             : #define CALLBACK(FOR)                                                \
      62             : do {                                                                 \
      63             :   CALLBACK_NOCLEAR(FOR);                                             \
      64             :   FOR##_mark = NULL;                                                 \
      65             : } while (0)
      66             : 
      67             : 
      68             : #define PROXY_CONNECTION "proxy-connection"
      69             : #define CONNECTION "connection"
      70             : #define CONTENT_LENGTH "content-length"
      71             : #define TRANSFER_ENCODING "transfer-encoding"
      72             : #define UPGRADE "upgrade"
      73             : #define CHUNKED "chunked"
      74             : #define KEEP_ALIVE "keep-alive"
      75             : #define CLOSE "close"
      76             : 
      77             : 
      78             : static const char *method_strings[] =
      79             :   { "DELETE"
      80             :   , "GET"
      81             :   , "HEAD"
      82             :   , "POST"
      83             :   , "PUT"
      84             :   , "PATCH"
      85             :   , "CONNECT"
      86             :   , "OPTIONS"
      87             :   , "TRACE"
      88             :   , "COPY"
      89             :   , "LOCK"
      90             :   , "MKCOL"
      91             :   , "MOVE"
      92             :   , "PROPFIND"
      93             :   , "PROPPATCH"
      94             :   , "SEARCH"
      95             :   , "UNLOCK"
      96             :   , "REPORT"
      97             :   , "MKACTIVITY"
      98             :   , "CHECKOUT"
      99             :   , "MERGE"
     100             :   , "M-SEARCH"
     101             :   , "NOTIFY"
     102             :   , "SUBSCRIBE"
     103             :   , "UNSUBSCRIBE"
     104             :   , "NOTIMPLEMENTED"
     105             :   };
     106             : 
     107             : 
     108             : /* Tokens as defined by rfc 2616. Also lowercases them.
     109             :  *        token       = 1*<any CHAR except CTLs or separators>
     110             :  *     separators     = "(" | ")" | "<" | ">" | "@"
     111             :  *                    | "," | ";" | ":" | "\" | <">
     112             :  *                    | "/" | "[" | "]" | "?" | "="
     113             :  *                    | "{" | "}" | SP | HT
     114             :  */
     115             : static const char tokens[256] = {
     116             : /*   0 nul    1 soh    2 stx    3 etx    4 eot    5 enq    6 ack    7 bel  */
     117             :         0,       0,       0,       0,       0,       0,       0,       0,
     118             : /*   8 bs     9 ht    10 nl    11 vt    12 np    13 cr    14 so    15 si   */
     119             :         0,       0,       0,       0,       0,       0,       0,       0,
     120             : /*  16 dle   17 dc1   18 dc2   19 dc3   20 dc4   21 nak   22 syn   23 etb */
     121             :         0,       0,       0,       0,       0,       0,       0,       0,
     122             : /*  24 can   25 em    26 sub   27 esc   28 fs    29 gs    30 rs    31 us  */
     123             :         0,       0,       0,       0,       0,       0,       0,       0,
     124             : /*  32 sp    33  !    34  "    35  #    36  $    37  %    38  &    39  '  */
     125             :        ' ',      '!',     '"',     '#',     '$',     '%',     '&',    '\'',
     126             : /*  40  (    41  )    42  *    43  +    44  ,    45  -    46  .    47  /  */
     127             :         0,       0,      '*',     '+',      0,      '-',     '.',     '/',
     128             : /*  48  0    49  1    50  2    51  3    52  4    53  5    54  6    55  7  */
     129             :        '0',     '1',     '2',     '3',     '4',     '5',     '6',     '7',
     130             : /*  56  8    57  9    58  :    59  ;    60  <    61  =    62  >    63  ?  */
     131             :        '8',     '9',      0,       0,       0,       0,       0,       0,
     132             : /*  64  @    65  A    66  B    67  C    68  D    69  E    70  F    71  G  */
     133             :         0,      'a',     'b',     'c',     'd',     'e',     'f',     'g',
     134             : /*  72  H    73  I    74  J    75  K    76  L    77  M    78  N    79  O  */
     135             :        'h',     'i',     'j',     'k',     'l',     'm',     'n',     'o',
     136             : /*  80  P    81  Q    82  R    83  S    84  T    85  U    86  V    87  W  */
     137             :        'p',     'q',     'r',     's',     't',     'u',     'v',     'w',
     138             : /*  88  X    89  Y    90  Z    91  [    92  \    93  ]    94  ^    95  _  */
     139             :        'x',     'y',     'z',      0,       0,       0,      '^',     '_',
     140             : /*  96  `    97  a    98  b    99  c   100  d   101  e   102  f   103  g  */
     141             :        '`',     'a',     'b',     'c',     'd',     'e',     'f',     'g',
     142             : /* 104  h   105  i   106  j   107  k   108  l   109  m   110  n   111  o  */
     143             :        'h',     'i',     'j',     'k',     'l',     'm',     'n',     'o',
     144             : /* 112  p   113  q   114  r   115  s   116  t   117  u   118  v   119  w  */
     145             :        'p',     'q',     'r',     's',     't',     'u',     'v',     'w',
     146             : /* 120  x   121  y   122  z   123  {   124  |   125  }   126  ~   127 del */
     147             :        'x',     'y',     'z',      0,      '|',     '}',     '~',       0 };
     148             : 
     149             : 
     150             : static const int8_t unhex[256] =
     151             :   {-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
     152             :   ,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
     153             :   ,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
     154             :   , 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,-1,-1,-1,-1,-1,-1
     155             :   ,-1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1
     156             :   ,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
     157             :   ,-1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1
     158             :   ,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
     159             :   };
     160             : 
     161             : 
     162             : static const uint8_t normal_url_char[256] = {
     163             : /*   0 nul    1 soh    2 stx    3 etx    4 eot    5 enq    6 ack    7 bel  */
     164             :         0,       0,       0,       0,       0,       0,       0,       0,
     165             : /*   8 bs     9 ht    10 nl    11 vt    12 np    13 cr    14 so    15 si   */
     166             :         0,       0,       0,       0,       0,       0,       0,       0,
     167             : /*  16 dle   17 dc1   18 dc2   19 dc3   20 dc4   21 nak   22 syn   23 etb */
     168             :         0,       0,       0,       0,       0,       0,       0,       0,
     169             : /*  24 can   25 em    26 sub   27 esc   28 fs    29 gs    30 rs    31 us  */
     170             :         0,       0,       0,       0,       0,       0,       0,       0,
     171             : /*  32 sp    33  !    34  "    35  #    36  $    37  %    38  &    39  '  */
     172             :         0,       1,       1,       0,       1,       1,       1,       1,
     173             : /*  40  (    41  )    42  *    43  +    44  ,    45  -    46  .    47  /  */
     174             :         1,       1,       1,       1,       1,       1,       1,       1,
     175             : /*  48  0    49  1    50  2    51  3    52  4    53  5    54  6    55  7  */
     176             :         1,       1,       1,       1,       1,       1,       1,       1,
     177             : /*  56  8    57  9    58  :    59  ;    60  <    61  =    62  >    63  ?  */
     178             :         1,       1,       1,       1,       1,       1,       1,       0,
     179             : /*  64  @    65  A    66  B    67  C    68  D    69  E    70  F    71  G  */
     180             :         1,       1,       1,       1,       1,       1,       1,       1,
     181             : /*  72  H    73  I    74  J    75  K    76  L    77  M    78  N    79  O  */
     182             :         1,       1,       1,       1,       1,       1,       1,       1,
     183             : /*  80  P    81  Q    82  R    83  S    84  T    85  U    86  V    87  W  */
     184             :         1,       1,       1,       1,       1,       1,       1,       1,
     185             : /*  88  X    89  Y    90  Z    91  [    92  \    93  ]    94  ^    95  _  */
     186             :         1,       1,       1,       1,       1,       1,       1,       1,
     187             : /*  96  `    97  a    98  b    99  c   100  d   101  e   102  f   103  g  */
     188             :         1,       1,       1,       1,       1,       1,       1,       1,
     189             : /* 104  h   105  i   106  j   107  k   108  l   109  m   110  n   111  o  */
     190             :         1,       1,       1,       1,       1,       1,       1,       1,
     191             : /* 112  p   113  q   114  r   115  s   116  t   117  u   118  v   119  w  */
     192             :         1,       1,       1,       1,       1,       1,       1,       1,
     193             : /* 120  x   121  y   122  z   123  {   124  |   125  }   126  ~   127 del */
     194             :         1,       1,       1,       1,       1,       1,       1,       0 };
     195             : 
     196             : 
     197             : enum state
     198             :   { s_dead = 1 /* important that this is > 0 */
     199             : 
     200             :   , s_start_req_or_res
     201             :   , s_res_or_resp_H
     202             :   , s_start_res
     203             :   , s_res_H
     204             :   , s_res_HT
     205             :   , s_res_HTT
     206             :   , s_res_HTTP
     207             :   , s_res_first_http_major
     208             :   , s_res_http_major
     209             :   , s_res_first_http_minor
     210             :   , s_res_http_minor
     211             :   , s_res_first_status_code
     212             :   , s_res_status_code
     213             :   , s_res_status
     214             :   , s_res_line_almost_done
     215             : 
     216             :   , s_start_req
     217             : 
     218             :   , s_req_method
     219             :   , s_req_spaces_before_url
     220             :   , s_req_schema
     221             :   , s_req_schema_slash
     222             :   , s_req_schema_slash_slash
     223             :   , s_req_host
     224             :   , s_req_port
     225             :   , s_req_path
     226             :   , s_req_query_string_start
     227             :   , s_req_query_string
     228             :   , s_req_fragment_start
     229             :   , s_req_fragment
     230             :   , s_req_http_start
     231             :   , s_req_http_H
     232             :   , s_req_http_HT
     233             :   , s_req_http_HTT
     234             :   , s_req_http_HTTP
     235             :   , s_req_first_http_major
     236             :   , s_req_http_major
     237             :   , s_req_first_http_minor
     238             :   , s_req_http_minor
     239             :   , s_req_line_almost_done
     240             : 
     241             :   , s_header_field_start
     242             :   , s_header_field
     243             :   , s_header_value_start
     244             :   , s_header_value
     245             : 
     246             :   , s_header_almost_done
     247             : 
     248             :   , s_headers_almost_done
     249             :   /* Important: 's_headers_almost_done' must be the last 'header' state. All
     250             :    * states beyond this must be 'body' states. It is used for overflow
     251             :    * checking. See the PARSING_HEADER() macro.
     252             :    */
     253             :   , s_chunk_size_start
     254             :   , s_chunk_size
     255             :   , s_chunk_size_almost_done
     256             :   , s_chunk_parameters
     257             :   , s_chunk_data
     258             :   , s_chunk_data_almost_done
     259             :   , s_chunk_data_done
     260             : 
     261             :   , s_body_identity
     262             :   , s_body_identity_eof
     263             :   };
     264             : 
     265             : 
     266             : #define PARSING_HEADER(state) (state <= s_headers_almost_done && 0 == (parser->flags & F_TRAILING))
     267             : 
     268             : 
     269             : enum header_states
     270             :   { h_general = 0
     271             :   , h_C
     272             :   , h_CO
     273             :   , h_CON
     274             : 
     275             :   , h_matching_connection
     276             :   , h_matching_proxy_connection
     277             :   , h_matching_content_length
     278             :   , h_matching_transfer_encoding
     279             :   , h_matching_upgrade
     280             : 
     281             :   , h_connection
     282             :   , h_content_length
     283             :   , h_transfer_encoding
     284             :   , h_upgrade
     285             : 
     286             :   , h_matching_transfer_encoding_chunked
     287             :   , h_matching_connection_keep_alive
     288             :   , h_matching_connection_close
     289             : 
     290             :   , h_transfer_encoding_chunked
     291             :   , h_connection_keep_alive
     292             :   , h_connection_close
     293             :   };
     294             : 
     295             : 
     296             : enum flags
     297             :   { F_CHUNKED               = 1 << 0
     298             :   , F_CONNECTION_KEEP_ALIVE = 1 << 1
     299             :   , F_CONNECTION_CLOSE      = 1 << 2
     300             :   , F_TRAILING              = 1 << 3
     301             :   , F_UPGRADE               = 1 << 4
     302             :   , F_SKIPBODY              = 1 << 5
     303             :   };
     304             : 
     305             : 
     306             : #define CR '\r'
     307             : #define LF '\n'
     308             : #define LOWER(c) (unsigned char)(c | 0x20)
     309             : #define TOKEN(c) tokens[(unsigned char)c]
     310             : 
     311             : 
     312             : #define start_state (parser->type == PHP_HTTP_REQUEST ? s_start_req : s_start_res)
     313             : 
     314             : 
     315             : #if HTTP_PARSER_STRICT
     316             : # define STRICT_CHECK(cond) if (cond) goto error
     317             : # define NEW_MESSAGE() (http_should_keep_alive(parser) ? start_state : s_dead)
     318             : #else
     319             : # define STRICT_CHECK(cond)
     320             : # define NEW_MESSAGE() start_state
     321             : #endif
     322             : 
     323             : 
     324           0 : size_t php_http_parser_execute (php_http_parser *parser,
     325             :                             const php_http_parser_settings *settings,
     326             :                             const char *data,
     327             :                             size_t len)
     328             : {
     329             :   char ch;
     330             :   signed char c;
     331           0 :   const char *p = data, *pe;
     332             :   size_t to_read;
     333             : 
     334           0 :   enum state state = (enum state) parser->state;
     335           0 :   enum header_states header_state = (enum header_states) parser->header_state;
     336           0 :   uint32_t index = parser->index;
     337           0 :   uint32_t nread = parser->nread;
     338             : 
     339             :   /* technically we could combine all of these (except for url_mark) into one
     340             :      variable, saving stack space, but it seems more clear to have them
     341             :      separated. */
     342           0 :   const char *header_field_mark = 0;
     343           0 :   const char *header_value_mark = 0;
     344           0 :   const char *fragment_mark = 0;
     345           0 :   const char *query_string_mark = 0;
     346           0 :   const char *path_mark = 0;
     347           0 :   const char *url_mark = 0;
     348             : 
     349           0 :   if (len == 0) {
     350           0 :     if (state == s_body_identity_eof) {
     351           0 :       CALLBACK2(message_complete);
     352             :     }
     353           0 :     return 0;
     354             :   }
     355             : 
     356           0 :   if (state == s_header_field)
     357           0 :     header_field_mark = data;
     358           0 :   if (state == s_header_value)
     359           0 :     header_value_mark = data;
     360           0 :   if (state == s_req_fragment)
     361           0 :     fragment_mark = data;
     362           0 :   if (state == s_req_query_string)
     363           0 :     query_string_mark = data;
     364           0 :   if (state == s_req_path)
     365           0 :     path_mark = data;
     366           0 :   if (state == s_req_path || state == s_req_schema || state == s_req_schema_slash
     367             :       || state == s_req_schema_slash_slash || state == s_req_port
     368             :       || state == s_req_query_string_start || state == s_req_query_string
     369             :       || state == s_req_host
     370             :       || state == s_req_fragment_start || state == s_req_fragment)
     371           0 :     url_mark = data;
     372             : 
     373           0 :   for (p=data, pe=data+len; p != pe; p++) {
     374           0 :     ch = *p;
     375             : 
     376           0 :     if (PARSING_HEADER(state)) {
     377           0 :       ++nread;
     378             :       /* Buffer overflow attack */
     379           0 :       if (nread > PHP_HTTP_MAX_HEADER_SIZE) goto error;
     380             :     }
     381             : 
     382           0 :     switch (state) {
     383             : 
     384             :       case s_dead:
     385             :         /* this state is used after a 'Connection: close' message
     386             :          * the parser will error out if it reads another message
     387             :          */
     388           0 :         goto error;
     389             : 
     390             :       case s_start_req_or_res:
     391             :       {
     392           0 :         if (ch == CR || ch == LF)
     393             :           break;
     394           0 :         parser->flags = 0;
     395           0 :         parser->content_length = -1;
     396             : 
     397           0 :         CALLBACK2(message_begin);
     398             : 
     399           0 :         if (ch == 'H')
     400           0 :           state = s_res_or_resp_H;
     401             :         else {
     402           0 :           parser->type = PHP_HTTP_REQUEST;
     403           0 :           goto start_req_method_assign;
     404             :         }
     405           0 :         break;
     406             :       }
     407             : 
     408             :       case s_res_or_resp_H:
     409           0 :         if (ch == 'T') {
     410           0 :           parser->type = PHP_HTTP_RESPONSE;
     411           0 :           state = s_res_HT;
     412             :         } else {
     413           0 :           if (ch != 'E') goto error;
     414           0 :           parser->type = PHP_HTTP_REQUEST;
     415           0 :           parser->method = PHP_HTTP_HEAD;
     416           0 :           index = 2;
     417           0 :           state = s_req_method;
     418             :         }
     419           0 :         break;
     420             : 
     421             :       case s_start_res:
     422             :       {
     423           0 :         parser->flags = 0;
     424           0 :         parser->content_length = -1;
     425             : 
     426           0 :         CALLBACK2(message_begin);
     427             : 
     428           0 :         switch (ch) {
     429             :           case 'H':
     430           0 :             state = s_res_H;
     431           0 :             break;
     432             : 
     433             :           case CR:
     434             :           case LF:
     435           0 :             break;
     436             : 
     437             :           default:
     438           0 :             goto error;
     439             :         }
     440           0 :         break;
     441             :       }
     442             : 
     443             :       case s_res_H:
     444             :         STRICT_CHECK(ch != 'T');
     445           0 :         state = s_res_HT;
     446           0 :         break;
     447             : 
     448             :       case s_res_HT:
     449             :         STRICT_CHECK(ch != 'T');
     450           0 :         state = s_res_HTT;
     451           0 :         break;
     452             : 
     453             :       case s_res_HTT:
     454             :         STRICT_CHECK(ch != 'P');
     455           0 :         state = s_res_HTTP;
     456           0 :         break;
     457             : 
     458             :       case s_res_HTTP:
     459             :         STRICT_CHECK(ch != '/');
     460           0 :         state = s_res_first_http_major;
     461           0 :         break;
     462             : 
     463             :       case s_res_first_http_major:
     464           0 :         if (ch < '1' || ch > '9') goto error;
     465           0 :         parser->http_major = ch - '0';
     466           0 :         state = s_res_http_major;
     467           0 :         break;
     468             : 
     469             :       /* major HTTP version or dot */
     470             :       case s_res_http_major:
     471             :       {
     472           0 :         if (ch == '.') {
     473           0 :           state = s_res_first_http_minor;
     474           0 :           break;
     475             :         }
     476             : 
     477           0 :         if (ch < '0' || ch > '9') goto error;
     478             : 
     479           0 :         parser->http_major *= 10;
     480           0 :         parser->http_major += ch - '0';
     481             : 
     482           0 :         if (parser->http_major > 999) goto error;
     483           0 :         break;
     484             :       }
     485             : 
     486             :       /* first digit of minor HTTP version */
     487             :       case s_res_first_http_minor:
     488           0 :         if (ch < '0' || ch > '9') goto error;
     489           0 :         parser->http_minor = ch - '0';
     490           0 :         state = s_res_http_minor;
     491           0 :         break;
     492             : 
     493             :       /* minor HTTP version or end of request line */
     494             :       case s_res_http_minor:
     495             :       {
     496           0 :         if (ch == ' ') {
     497           0 :           state = s_res_first_status_code;
     498           0 :           break;
     499             :         }
     500             : 
     501           0 :         if (ch < '0' || ch > '9') goto error;
     502             : 
     503           0 :         parser->http_minor *= 10;
     504           0 :         parser->http_minor += ch - '0';
     505             : 
     506           0 :         if (parser->http_minor > 999) goto error;
     507           0 :         break;
     508             :       }
     509             : 
     510             :       case s_res_first_status_code:
     511             :       {
     512           0 :         if (ch < '0' || ch > '9') {
     513           0 :           if (ch == ' ') {
     514           0 :             break;
     515             :           }
     516           0 :           goto error;
     517             :         }
     518           0 :         parser->status_code = ch - '0';
     519           0 :         state = s_res_status_code;
     520           0 :         break;
     521             :       }
     522             : 
     523             :       case s_res_status_code:
     524             :       {
     525           0 :         if (ch < '0' || ch > '9') {
     526           0 :           switch (ch) {
     527             :             case ' ':
     528           0 :               state = s_res_status;
     529           0 :               break;
     530             :             case CR:
     531           0 :               state = s_res_line_almost_done;
     532           0 :               break;
     533             :             case LF:
     534           0 :               state = s_header_field_start;
     535           0 :               break;
     536             :             default:
     537           0 :               goto error;
     538             :           }
     539           0 :           break;
     540             :         }
     541             : 
     542           0 :         parser->status_code *= 10;
     543           0 :         parser->status_code += ch - '0';
     544             : 
     545           0 :         if (parser->status_code > 999) goto error;
     546           0 :         break;
     547             :       }
     548             : 
     549             :       case s_res_status:
     550             :         /* the human readable status. e.g. "NOT FOUND"
     551             :          * we are not humans so just ignore this */
     552           0 :         if (ch == CR) {
     553           0 :           state = s_res_line_almost_done;
     554           0 :           break;
     555             :         }
     556             : 
     557           0 :         if (ch == LF) {
     558           0 :           state = s_header_field_start;
     559           0 :           break;
     560             :         }
     561           0 :         break;
     562             : 
     563             :       case s_res_line_almost_done:
     564             :         STRICT_CHECK(ch != LF);
     565           0 :         state = s_header_field_start;
     566           0 :         break;
     567             : 
     568             :       case s_start_req:
     569             :       {
     570           0 :         if (ch == CR || ch == LF)
     571             :           break;
     572           0 :         parser->flags = 0;
     573           0 :         parser->content_length = -1;
     574             : 
     575           0 :         CALLBACK2(message_begin);
     576             : 
     577           0 :         if (ch < 'A' || 'Z' < ch) goto error;
     578             : 
     579             :       start_req_method_assign:
     580           0 :         parser->method = (enum php_http_method) 0;
     581           0 :         index = 1;
     582           0 :         switch (ch) {
     583           0 :           case 'C': parser->method = PHP_HTTP_CONNECT; /* or COPY, CHECKOUT */ break;
     584           0 :           case 'D': parser->method = PHP_HTTP_DELETE; break;
     585           0 :           case 'G': parser->method = PHP_HTTP_GET; break;
     586           0 :           case 'H': parser->method = PHP_HTTP_HEAD; break;
     587           0 :           case 'L': parser->method = PHP_HTTP_LOCK; break;
     588           0 :           case 'M': parser->method = PHP_HTTP_MKCOL; /* or MOVE, MKACTIVITY, MERGE, M-SEARCH */ break;
     589           0 :           case 'N': parser->method = PHP_HTTP_NOTIFY; break;
     590           0 :           case 'O': parser->method = PHP_HTTP_OPTIONS; break;
     591           0 :           case 'P': parser->method = PHP_HTTP_POST; /* or PROPFIND or PROPPATCH or PUT */ break;
     592           0 :           case 'R': parser->method = PHP_HTTP_REPORT; break;
     593           0 :           case 'S': parser->method = PHP_HTTP_SUBSCRIBE; /* or SEARCH */ break;
     594           0 :           case 'T': parser->method = PHP_HTTP_TRACE; break;
     595           0 :           case 'U': parser->method = PHP_HTTP_UNLOCK; /* or UNSUBSCRIBE */ break;
     596           0 :           default: parser->method = PHP_HTTP_NOT_IMPLEMENTED; break;
     597             :         }
     598           0 :         state = s_req_method;
     599           0 :         break;
     600             :       }
     601             :       case s_req_method:
     602             :       {
     603             :         const char *matcher;
     604           0 :         if (ch == '\0')
     605           0 :           goto error;
     606             : 
     607           0 :         matcher = method_strings[parser->method];
     608           0 :         if (ch == ' ') {
     609           0 :           if (parser->method != PHP_HTTP_NOT_IMPLEMENTED && matcher[index] != '\0') {
     610           0 :             parser->method = PHP_HTTP_NOT_IMPLEMENTED;
     611             :           }
     612           0 :           state = s_req_spaces_before_url;
     613           0 :         } else if (parser->method == PHP_HTTP_NOT_IMPLEMENTED || ch == matcher[index]) {
     614             :           ; /* nada */
     615           0 :         } else if (parser->method == PHP_HTTP_CONNECT) {
     616           0 :           if (index == 1 && ch == 'H') {
     617           0 :             parser->method = PHP_HTTP_CHECKOUT;
     618           0 :           } else if (index == 2  && ch == 'P') {
     619           0 :             parser->method = PHP_HTTP_COPY;
     620             :           } else {
     621           0 :             parser->method = PHP_HTTP_NOT_IMPLEMENTED;
     622             :           }
     623           0 :         } else if (parser->method == PHP_HTTP_MKCOL) {
     624           0 :           if (index == 1 && ch == 'O') {
     625           0 :             parser->method = PHP_HTTP_MOVE;
     626           0 :           } else if (index == 1 && ch == 'E') {
     627           0 :             parser->method = PHP_HTTP_MERGE;
     628           0 :           } else if (index == 1 && ch == '-') {
     629           0 :             parser->method = PHP_HTTP_MSEARCH;
     630           0 :           } else if (index == 2 && ch == 'A') {
     631           0 :             parser->method = PHP_HTTP_MKACTIVITY;
     632             :           } else {
     633           0 :             parser->method = PHP_HTTP_NOT_IMPLEMENTED;
     634             :           }
     635           0 :         } else if (index == 1 && parser->method == PHP_HTTP_POST && ch == 'R') {
     636           0 :           parser->method = PHP_HTTP_PROPFIND; /* or HTTP_PROPPATCH */
     637           0 :         } else if (index == 1 && parser->method == PHP_HTTP_POST && ch == 'U') {
     638           0 :           parser->method = PHP_HTTP_PUT;
     639           0 :         } else if (index == 1 && parser->method == PHP_HTTP_POST && ch == 'A') {
     640           0 :           parser->method = PHP_HTTP_PATCH;
     641           0 :         } else if (index == 1 && parser->method == PHP_HTTP_SUBSCRIBE && ch == 'E') {
     642           0 :           parser->method = PHP_HTTP_SEARCH;
     643           0 :         } else if (index == 2 && parser->method == PHP_HTTP_UNLOCK && ch == 'S') {
     644           0 :           parser->method = PHP_HTTP_UNSUBSCRIBE;
     645           0 :         } else if (index == 4 && parser->method == PHP_HTTP_PROPFIND && ch == 'P') {
     646           0 :           parser->method = PHP_HTTP_PROPPATCH;
     647             :         } else {
     648           0 :           parser->method = PHP_HTTP_NOT_IMPLEMENTED;
     649             :         }
     650             : 
     651           0 :         ++index;
     652           0 :         break;
     653             :       }
     654             :       case s_req_spaces_before_url:
     655             :       {
     656           0 :         if (ch == ' ') break;
     657             : 
     658           0 :         if (ch == '/' || ch == '*') {
     659           0 :           MARK(url);
     660           0 :           MARK(path);
     661           0 :           state = s_req_path;
     662           0 :           break;
     663             :         }
     664             : 
     665           0 :         c = LOWER(ch);
     666             : 
     667           0 :         if (c >= 'a' && c <= 'z') {
     668           0 :           MARK(url);
     669           0 :           state = s_req_schema;
     670           0 :           break;
     671             :         }
     672             : 
     673           0 :         goto error;
     674             :       }
     675             : 
     676             :       case s_req_schema:
     677             :       {
     678           0 :         c = LOWER(ch);
     679             : 
     680           0 :         if (c >= 'a' && c <= 'z') break;
     681             : 
     682           0 :         if (ch == ':') {
     683           0 :           state = s_req_schema_slash;
     684           0 :           break;
     685           0 :         } else if (ch == '.') {
     686           0 :           state = s_req_host;
     687           0 :           break;
     688           0 :         } else if ('0' <= ch && ch <= '9') {
     689           0 :           state = s_req_host;
     690           0 :           break;
     691             :         }
     692             : 
     693           0 :         goto error;
     694             :       }
     695             : 
     696             :       case s_req_schema_slash:
     697             :         STRICT_CHECK(ch != '/');
     698           0 :         state = s_req_schema_slash_slash;
     699           0 :         break;
     700             : 
     701             :       case s_req_schema_slash_slash:
     702             :         STRICT_CHECK(ch != '/');
     703           0 :         state = s_req_host;
     704           0 :         break;
     705             : 
     706             :       case s_req_host:
     707             :       {
     708           0 :         c = LOWER(ch);
     709           0 :         if (c >= 'a' && c <= 'z') break;
     710           0 :         if ((ch >= '0' && ch <= '9') || ch == '.' || ch == '-') break;
     711           0 :         switch (ch) {
     712             :           case ':':
     713           0 :             state = s_req_port;
     714           0 :             break;
     715             :           case '/':
     716           0 :             MARK(path);
     717           0 :             state = s_req_path;
     718           0 :             break;
     719             :           case ' ':
     720             :             /* The request line looks like:
     721             :              *   "GET http://foo.bar.com HTTP/1.1"
     722             :              * That is, there is no path.
     723             :              */
     724           0 :             CALLBACK(url);
     725           0 :             state = s_req_http_start;
     726           0 :             break;
     727             :           default:
     728           0 :             goto error;
     729             :         }
     730           0 :         break;
     731             :       }
     732             : 
     733             :       case s_req_port:
     734             :       {
     735           0 :         if (ch >= '0' && ch <= '9') break;
     736           0 :         switch (ch) {
     737             :           case '/':
     738           0 :             MARK(path);
     739           0 :             state = s_req_path;
     740           0 :             break;
     741             :           case ' ':
     742             :             /* The request line looks like:
     743             :              *   "GET http://foo.bar.com:1234 HTTP/1.1"
     744             :              * That is, there is no path.
     745             :              */
     746           0 :             CALLBACK(url);
     747           0 :             state = s_req_http_start;
     748           0 :             break;
     749             :           default:
     750           0 :             goto error;
     751             :         }
     752           0 :         break;
     753             :       }
     754             : 
     755             :       case s_req_path:
     756             :       {
     757           0 :         if (normal_url_char[(unsigned char)ch]) break;
     758             : 
     759           0 :         switch (ch) {
     760             :           case ' ':
     761           0 :             CALLBACK(url);
     762           0 :             CALLBACK(path);
     763           0 :             state = s_req_http_start;
     764           0 :             break;
     765             :           case CR:
     766           0 :             CALLBACK(url);
     767           0 :             CALLBACK(path);
     768           0 :             parser->http_major = 0;
     769           0 :             parser->http_minor = 9;
     770           0 :             state = s_req_line_almost_done;
     771           0 :             break;
     772             :           case LF:
     773           0 :             CALLBACK(url);
     774           0 :             CALLBACK(path);
     775           0 :             parser->http_major = 0;
     776           0 :             parser->http_minor = 9;
     777           0 :             state = s_header_field_start;
     778           0 :             break;
     779             :           case '?':
     780           0 :             CALLBACK(path);
     781           0 :             state = s_req_query_string_start;
     782           0 :             break;
     783             :           case '#':
     784           0 :             CALLBACK(path);
     785           0 :             state = s_req_fragment_start;
     786           0 :             break;
     787             :           default:
     788           0 :             goto error;
     789             :         }
     790           0 :         break;
     791             :       }
     792             : 
     793             :       case s_req_query_string_start:
     794             :       {
     795           0 :         if (normal_url_char[(unsigned char)ch]) {
     796           0 :           MARK(query_string);
     797           0 :           state = s_req_query_string;
     798           0 :           break;
     799             :         }
     800             : 
     801           0 :         switch (ch) {
     802             :           case '?':
     803           0 :             break; /* XXX ignore extra '?' ... is this right? */
     804             :           case ' ':
     805           0 :             CALLBACK(url);
     806           0 :             state = s_req_http_start;
     807           0 :             break;
     808             :           case CR:
     809           0 :             CALLBACK(url);
     810           0 :             parser->http_major = 0;
     811           0 :             parser->http_minor = 9;
     812           0 :             state = s_req_line_almost_done;
     813           0 :             break;
     814             :           case LF:
     815           0 :             CALLBACK(url);
     816           0 :             parser->http_major = 0;
     817           0 :             parser->http_minor = 9;
     818           0 :             state = s_header_field_start;
     819           0 :             break;
     820             :           case '#':
     821           0 :             state = s_req_fragment_start;
     822           0 :             break;
     823             :           default:
     824           0 :             goto error;
     825             :         }
     826           0 :         break;
     827             :       }
     828             : 
     829             :       case s_req_query_string:
     830             :       {
     831           0 :         if (normal_url_char[(unsigned char)ch]) break;
     832             : 
     833           0 :         switch (ch) {
     834             :           case '?':
     835             :             /* allow extra '?' in query string */
     836           0 :             break;
     837             :           case ' ':
     838           0 :             CALLBACK(url);
     839           0 :             CALLBACK(query_string);
     840           0 :             state = s_req_http_start;
     841           0 :             break;
     842             :           case CR:
     843           0 :             CALLBACK(url);
     844           0 :             CALLBACK(query_string);
     845           0 :             parser->http_major = 0;
     846           0 :             parser->http_minor = 9;
     847           0 :             state = s_req_line_almost_done;
     848           0 :             break;
     849             :           case LF:
     850           0 :             CALLBACK(url);
     851           0 :             CALLBACK(query_string);
     852           0 :             parser->http_major = 0;
     853           0 :             parser->http_minor = 9;
     854           0 :             state = s_header_field_start;
     855           0 :             break;
     856             :           case '#':
     857           0 :             CALLBACK(query_string);
     858           0 :             state = s_req_fragment_start;
     859           0 :             break;
     860             :           default:
     861           0 :             goto error;
     862             :         }
     863           0 :         break;
     864             :       }
     865             : 
     866             :       case s_req_fragment_start:
     867             :       {
     868           0 :         if (normal_url_char[(unsigned char)ch]) {
     869           0 :           MARK(fragment);
     870           0 :           state = s_req_fragment;
     871           0 :           break;
     872             :         }
     873             : 
     874           0 :         switch (ch) {
     875             :           case ' ':
     876           0 :             CALLBACK(url);
     877           0 :             state = s_req_http_start;
     878           0 :             break;
     879             :           case CR:
     880           0 :             CALLBACK(url);
     881           0 :             parser->http_major = 0;
     882           0 :             parser->http_minor = 9;
     883           0 :             state = s_req_line_almost_done;
     884           0 :             break;
     885             :           case LF:
     886           0 :             CALLBACK(url);
     887           0 :             parser->http_major = 0;
     888           0 :             parser->http_minor = 9;
     889           0 :             state = s_header_field_start;
     890           0 :             break;
     891             :           case '?':
     892           0 :             MARK(fragment);
     893           0 :             state = s_req_fragment;
     894           0 :             break;
     895             :           case '#':
     896           0 :             break;
     897             :           default:
     898           0 :             goto error;
     899             :         }
     900           0 :         break;
     901             :       }
     902             : 
     903             :       case s_req_fragment:
     904             :       {
     905           0 :         if (normal_url_char[(unsigned char)ch]) break;
     906             : 
     907           0 :         switch (ch) {
     908             :           case ' ':
     909           0 :             CALLBACK(url);
     910           0 :             CALLBACK(fragment);
     911           0 :             state = s_req_http_start;
     912           0 :             break;
     913             :           case CR:
     914           0 :             CALLBACK(url);
     915           0 :             CALLBACK(fragment);
     916           0 :             parser->http_major = 0;
     917           0 :             parser->http_minor = 9;
     918           0 :             state = s_req_line_almost_done;
     919           0 :             break;
     920             :           case LF:
     921           0 :             CALLBACK(url);
     922           0 :             CALLBACK(fragment);
     923           0 :             parser->http_major = 0;
     924           0 :             parser->http_minor = 9;
     925           0 :             state = s_header_field_start;
     926           0 :             break;
     927             :           case '?':
     928             :           case '#':
     929           0 :             break;
     930             :           default:
     931           0 :             goto error;
     932             :         }
     933           0 :         break;
     934             :       }
     935             : 
     936             :       case s_req_http_start:
     937           0 :         switch (ch) {
     938             :           case 'H':
     939           0 :             state = s_req_http_H;
     940           0 :             break;
     941             :           case ' ':
     942           0 :             break;
     943             :           default:
     944           0 :             goto error;
     945             :         }
     946           0 :         break;
     947             : 
     948             :       case s_req_http_H:
     949             :         STRICT_CHECK(ch != 'T');
     950           0 :         state = s_req_http_HT;
     951           0 :         break;
     952             : 
     953             :       case s_req_http_HT:
     954             :         STRICT_CHECK(ch != 'T');
     955           0 :         state = s_req_http_HTT;
     956           0 :         break;
     957             : 
     958             :       case s_req_http_HTT:
     959             :         STRICT_CHECK(ch != 'P');
     960           0 :         state = s_req_http_HTTP;
     961           0 :         break;
     962             : 
     963             :       case s_req_http_HTTP:
     964             :         STRICT_CHECK(ch != '/');
     965           0 :         state = s_req_first_http_major;
     966           0 :         break;
     967             : 
     968             :       /* first digit of major HTTP version */
     969             :       case s_req_first_http_major:
     970           0 :         if (ch < '1' || ch > '9') goto error;
     971           0 :         parser->http_major = ch - '0';
     972           0 :         state = s_req_http_major;
     973           0 :         break;
     974             : 
     975             :       /* major HTTP version or dot */
     976             :       case s_req_http_major:
     977             :       {
     978           0 :         if (ch == '.') {
     979           0 :           state = s_req_first_http_minor;
     980           0 :           break;
     981             :         }
     982             : 
     983           0 :         if (ch < '0' || ch > '9') goto error;
     984             : 
     985           0 :         parser->http_major *= 10;
     986           0 :         parser->http_major += ch - '0';
     987             : 
     988           0 :         if (parser->http_major > 999) goto error;
     989           0 :         break;
     990             :       }
     991             : 
     992             :       /* first digit of minor HTTP version */
     993             :       case s_req_first_http_minor:
     994           0 :         if (ch < '0' || ch > '9') goto error;
     995           0 :         parser->http_minor = ch - '0';
     996           0 :         state = s_req_http_minor;
     997           0 :         break;
     998             : 
     999             :       /* minor HTTP version or end of request line */
    1000             :       case s_req_http_minor:
    1001             :       {
    1002           0 :         if (ch == CR) {
    1003           0 :           state = s_req_line_almost_done;
    1004           0 :           break;
    1005             :         }
    1006             : 
    1007           0 :         if (ch == LF) {
    1008           0 :           state = s_header_field_start;
    1009           0 :           break;
    1010             :         }
    1011             : 
    1012             :         /* XXX allow spaces after digit? */
    1013             : 
    1014           0 :         if (ch < '0' || ch > '9') goto error;
    1015             : 
    1016           0 :         parser->http_minor *= 10;
    1017           0 :         parser->http_minor += ch - '0';
    1018             : 
    1019           0 :         if (parser->http_minor > 999) goto error;
    1020           0 :         break;
    1021             :       }
    1022             : 
    1023             :       /* end of request line */
    1024             :       case s_req_line_almost_done:
    1025             :       {
    1026           0 :         if (ch != LF) goto error;
    1027           0 :         state = s_header_field_start;
    1028           0 :         break;
    1029             :       }
    1030             : 
    1031             :       case s_header_field_start:
    1032             :       {
    1033           0 :         if (ch == CR) {
    1034           0 :           state = s_headers_almost_done;
    1035           0 :           break;
    1036             :         }
    1037             : 
    1038           0 :         if (ch == LF) {
    1039             :           /* they might be just sending \n instead of \r\n so this would be
    1040             :            * the second \n to denote the end of headers*/
    1041           0 :           state = s_headers_almost_done;
    1042           0 :           goto headers_almost_done;
    1043             :         }
    1044             : 
    1045           0 :         c = TOKEN(ch);
    1046             : 
    1047           0 :         if (!c) goto error;
    1048             : 
    1049           0 :         MARK(header_field);
    1050             : 
    1051           0 :         index = 0;
    1052           0 :         state = s_header_field;
    1053             : 
    1054           0 :         switch (c) {
    1055             :           case 'c':
    1056           0 :             header_state = h_C;
    1057           0 :             break;
    1058             : 
    1059             :           case 'p':
    1060           0 :             header_state = h_matching_proxy_connection;
    1061           0 :             break;
    1062             : 
    1063             :           case 't':
    1064           0 :             header_state = h_matching_transfer_encoding;
    1065           0 :             break;
    1066             : 
    1067             :           case 'u':
    1068           0 :             header_state = h_matching_upgrade;
    1069           0 :             break;
    1070             : 
    1071             :           default:
    1072           0 :             header_state = h_general;
    1073             :             break;
    1074             :         }
    1075           0 :         break;
    1076             :       }
    1077             : 
    1078             :       case s_header_field:
    1079             :       {
    1080           0 :         c = TOKEN(ch);
    1081             : 
    1082           0 :         if (c) {
    1083           0 :           switch (header_state) {
    1084             :             case h_general:
    1085           0 :               break;
    1086             : 
    1087             :             case h_C:
    1088           0 :               index++;
    1089           0 :               header_state = (c == 'o' ? h_CO : h_general);
    1090           0 :               break;
    1091             : 
    1092             :             case h_CO:
    1093           0 :               index++;
    1094           0 :               header_state = (c == 'n' ? h_CON : h_general);
    1095           0 :               break;
    1096             : 
    1097             :             case h_CON:
    1098           0 :               index++;
    1099           0 :               switch (c) {
    1100             :                 case 'n':
    1101           0 :                   header_state = h_matching_connection;
    1102           0 :                   break;
    1103             :                 case 't':
    1104           0 :                   header_state = h_matching_content_length;
    1105           0 :                   break;
    1106             :                 default:
    1107           0 :                   header_state = h_general;
    1108             :                   break;
    1109             :               }
    1110           0 :               break;
    1111             : 
    1112             :             /* connection */
    1113             : 
    1114             :             case h_matching_connection:
    1115           0 :               index++;
    1116           0 :               if (index > sizeof(CONNECTION)-1
    1117           0 :                   || c != CONNECTION[index]) {
    1118           0 :                 header_state = h_general;
    1119           0 :               } else if (index == sizeof(CONNECTION)-2) {
    1120           0 :                 header_state = h_connection;
    1121             :               }
    1122           0 :               break;
    1123             : 
    1124             :             /* proxy-connection */
    1125             : 
    1126             :             case h_matching_proxy_connection:
    1127           0 :               index++;
    1128           0 :               if (index > sizeof(PROXY_CONNECTION)-1
    1129           0 :                   || c != PROXY_CONNECTION[index]) {
    1130           0 :                 header_state = h_general;
    1131           0 :               } else if (index == sizeof(PROXY_CONNECTION)-2) {
    1132           0 :                 header_state = h_connection;
    1133             :               }
    1134           0 :               break;
    1135             : 
    1136             :             /* content-length */
    1137             : 
    1138             :             case h_matching_content_length:
    1139           0 :               index++;
    1140           0 :               if (index > sizeof(CONTENT_LENGTH)-1
    1141           0 :                   || c != CONTENT_LENGTH[index]) {
    1142           0 :                 header_state = h_general;
    1143           0 :               } else if (index == sizeof(CONTENT_LENGTH)-2) {
    1144           0 :                 header_state = h_content_length;
    1145             :               }
    1146           0 :               break;
    1147             : 
    1148             :             /* transfer-encoding */
    1149             : 
    1150             :             case h_matching_transfer_encoding:
    1151           0 :               index++;
    1152           0 :               if (index > sizeof(TRANSFER_ENCODING)-1
    1153           0 :                   || c != TRANSFER_ENCODING[index]) {
    1154           0 :                 header_state = h_general;
    1155           0 :               } else if (index == sizeof(TRANSFER_ENCODING)-2) {
    1156           0 :                 header_state = h_transfer_encoding;
    1157             :               }
    1158           0 :               break;
    1159             : 
    1160             :             /* upgrade */
    1161             : 
    1162             :             case h_matching_upgrade:
    1163           0 :               index++;
    1164           0 :               if (index > sizeof(UPGRADE)-1
    1165           0 :                   || c != UPGRADE[index]) {
    1166           0 :                 header_state = h_general;
    1167           0 :               } else if (index == sizeof(UPGRADE)-2) {
    1168           0 :                 header_state = h_upgrade;
    1169             :               }
    1170           0 :               break;
    1171             : 
    1172             :             case h_connection:
    1173             :             case h_content_length:
    1174             :             case h_transfer_encoding:
    1175             :             case h_upgrade:
    1176           0 :               if (ch != ' ') header_state = h_general;
    1177           0 :               break;
    1178             : 
    1179             :             default:
    1180           0 :               assert(0 && "Unknown header_state");
    1181             :               break;
    1182             :           }
    1183           0 :           break;
    1184             :         }
    1185             : 
    1186           0 :         if (ch == ':') {
    1187           0 :           CALLBACK(header_field);
    1188           0 :           state = s_header_value_start;
    1189           0 :           break;
    1190             :         }
    1191             : 
    1192           0 :         if (ch == CR) {
    1193           0 :           state = s_header_almost_done;
    1194           0 :           CALLBACK(header_field);
    1195           0 :           break;
    1196             :         }
    1197             : 
    1198           0 :         if (ch == LF) {
    1199           0 :           CALLBACK(header_field);
    1200           0 :           state = s_header_field_start;
    1201           0 :           break;
    1202             :         }
    1203             : 
    1204           0 :         goto error;
    1205             :       }
    1206             : 
    1207             :       case s_header_value_start:
    1208             :       {
    1209           0 :         if (ch == ' ') break;
    1210             : 
    1211           0 :         MARK(header_value);
    1212             : 
    1213           0 :         state = s_header_value;
    1214           0 :         index = 0;
    1215             : 
    1216           0 :         c = LOWER(ch);
    1217             : 
    1218           0 :         if (ch == CR) {
    1219           0 :           CALLBACK(header_value);
    1220           0 :           header_state = h_general;
    1221           0 :           state = s_header_almost_done;
    1222           0 :           break;
    1223             :         }
    1224             : 
    1225           0 :         if (ch == LF) {
    1226           0 :           CALLBACK(header_value);
    1227           0 :           state = s_header_field_start;
    1228           0 :           break;
    1229             :         }
    1230             : 
    1231           0 :         switch (header_state) {
    1232             :           case h_upgrade:
    1233           0 :             parser->flags |= F_UPGRADE;
    1234           0 :             header_state = h_general;
    1235           0 :             break;
    1236             : 
    1237             :           case h_transfer_encoding:
    1238             :             /* looking for 'Transfer-Encoding: chunked' */
    1239           0 :             if ('c' == c) {
    1240           0 :               header_state = h_matching_transfer_encoding_chunked;
    1241             :             } else {
    1242           0 :               header_state = h_general;
    1243             :             }
    1244           0 :             break;
    1245             : 
    1246             :           case h_content_length:
    1247           0 :             if (ch < '0' || ch > '9') goto error;
    1248           0 :             parser->content_length = ch - '0';
    1249           0 :             break;
    1250             : 
    1251             :           case h_connection:
    1252             :             /* looking for 'Connection: keep-alive' */
    1253           0 :             if (c == 'k') {
    1254           0 :               header_state = h_matching_connection_keep_alive;
    1255             :             /* looking for 'Connection: close' */
    1256           0 :             } else if (c == 'c') {
    1257           0 :               header_state = h_matching_connection_close;
    1258             :             } else {
    1259           0 :               header_state = h_general;
    1260             :             }
    1261           0 :             break;
    1262             : 
    1263             :           default:
    1264           0 :             header_state = h_general;
    1265             :             break;
    1266             :         }
    1267           0 :         break;
    1268             :       }
    1269             : 
    1270             :       case s_header_value:
    1271             :       {
    1272           0 :         c = LOWER(ch);
    1273             : 
    1274           0 :         if (ch == CR) {
    1275           0 :           CALLBACK(header_value);
    1276           0 :           state = s_header_almost_done;
    1277           0 :           break;
    1278             :         }
    1279             : 
    1280           0 :         if (ch == LF) {
    1281           0 :           CALLBACK(header_value);
    1282           0 :           goto header_almost_done;
    1283             :         }
    1284             : 
    1285           0 :         switch (header_state) {
    1286             :           case h_general:
    1287           0 :             break;
    1288             : 
    1289             :           case h_connection:
    1290             :           case h_transfer_encoding:
    1291           0 :             assert(0 && "Shouldn't get here.");
    1292             :             break;
    1293             : 
    1294             :           case h_content_length:
    1295           0 :             if (ch == ' ') break;
    1296           0 :             if (ch < '0' || ch > '9') goto error;
    1297           0 :             parser->content_length *= 10;
    1298           0 :             parser->content_length += ch - '0';
    1299           0 :             break;
    1300             : 
    1301             :           /* Transfer-Encoding: chunked */
    1302             :           case h_matching_transfer_encoding_chunked:
    1303           0 :             index++;
    1304           0 :             if (index > sizeof(CHUNKED)-1
    1305           0 :                 || c != CHUNKED[index]) {
    1306           0 :               header_state = h_general;
    1307           0 :             } else if (index == sizeof(CHUNKED)-2) {
    1308           0 :               header_state = h_transfer_encoding_chunked;
    1309             :             }
    1310           0 :             break;
    1311             : 
    1312             :           /* looking for 'Connection: keep-alive' */
    1313             :           case h_matching_connection_keep_alive:
    1314           0 :             index++;
    1315           0 :             if (index > sizeof(KEEP_ALIVE)-1
    1316           0 :                 || c != KEEP_ALIVE[index]) {
    1317           0 :               header_state = h_general;
    1318           0 :             } else if (index == sizeof(KEEP_ALIVE)-2) {
    1319           0 :               header_state = h_connection_keep_alive;
    1320             :             }
    1321           0 :             break;
    1322             : 
    1323             :           /* looking for 'Connection: close' */
    1324             :           case h_matching_connection_close:
    1325           0 :             index++;
    1326           0 :             if (index > sizeof(CLOSE)-1 || c != CLOSE[index]) {
    1327           0 :               header_state = h_general;
    1328           0 :             } else if (index == sizeof(CLOSE)-2) {
    1329           0 :               header_state = h_connection_close;
    1330             :             }
    1331           0 :             break;
    1332             : 
    1333             :           case h_transfer_encoding_chunked:
    1334             :           case h_connection_keep_alive:
    1335             :           case h_connection_close:
    1336           0 :             if (ch != ' ') header_state = h_general;
    1337           0 :             break;
    1338             : 
    1339             :           default:
    1340           0 :             state = s_header_value;
    1341           0 :             header_state = h_general;
    1342             :             break;
    1343             :         }
    1344           0 :         break;
    1345             :       }
    1346             : 
    1347             :       case s_header_almost_done:
    1348             :       header_almost_done:
    1349             :       {
    1350             :         STRICT_CHECK(ch != LF);
    1351             : 
    1352           0 :         state = s_header_field_start;
    1353             : 
    1354           0 :         switch (header_state) {
    1355             :           case h_connection_keep_alive:
    1356           0 :             parser->flags |= F_CONNECTION_KEEP_ALIVE;
    1357           0 :             break;
    1358             :           case h_connection_close:
    1359           0 :             parser->flags |= F_CONNECTION_CLOSE;
    1360           0 :             break;
    1361             :           case h_transfer_encoding_chunked:
    1362           0 :             parser->flags |= F_CHUNKED;
    1363             :             break;
    1364             :           default:
    1365             :             break;
    1366             :         }
    1367           0 :         break;
    1368             :       }
    1369             : 
    1370             :       case s_headers_almost_done:
    1371             :       headers_almost_done:
    1372             :       {
    1373             :         STRICT_CHECK(ch != LF);
    1374             : 
    1375           0 :         if (parser->flags & F_TRAILING) {
    1376             :           /* End of a chunked request */
    1377           0 :           CALLBACK2(message_complete);
    1378           0 :           state = NEW_MESSAGE();
    1379           0 :           break;
    1380             :         }
    1381             : 
    1382           0 :         nread = 0;
    1383             : 
    1384           0 :         if (parser->flags & F_UPGRADE || parser->method == PHP_HTTP_CONNECT) {
    1385           0 :           parser->upgrade = 1;
    1386             :         }
    1387             : 
    1388             :         /* Here we call the headers_complete callback. This is somewhat
    1389             :          * different than other callbacks because if the user returns 1, we
    1390             :          * will interpret that as saying that this message has no body. This
    1391             :          * is needed for the annoying case of receiving a response to a HEAD
    1392             :          * request.
    1393             :          */
    1394           0 :         if (settings->on_headers_complete) {
    1395           0 :           switch (settings->on_headers_complete(parser)) {
    1396             :             case 0:
    1397           0 :               break;
    1398             : 
    1399             :             case 1:
    1400           0 :               parser->flags |= F_SKIPBODY;
    1401           0 :               break;
    1402             : 
    1403             :             default:
    1404           0 :               return p - data; /* Error */
    1405             :           }
    1406             :         }
    1407             : 
    1408             :         /* Exit, the rest of the connect is in a different protocol. */
    1409           0 :         if (parser->upgrade) {
    1410           0 :           CALLBACK2(message_complete);
    1411           0 :           return (p - data);
    1412             :         }
    1413             : 
    1414           0 :         if (parser->flags & F_SKIPBODY) {
    1415           0 :           CALLBACK2(message_complete);
    1416           0 :           state = NEW_MESSAGE();
    1417           0 :         } else if (parser->flags & F_CHUNKED) {
    1418             :           /* chunked encoding - ignore Content-Length header */
    1419           0 :           state = s_chunk_size_start;
    1420             :         } else {
    1421           0 :           if (parser->content_length == 0) {
    1422             :             /* Content-Length header given but zero: Content-Length: 0\r\n */
    1423           0 :             CALLBACK2(message_complete);
    1424           0 :             state = NEW_MESSAGE();
    1425           0 :           } else if (parser->content_length > 0) {
    1426             :             /* Content-Length header given and non-zero */
    1427           0 :             state = s_body_identity;
    1428             :           } else {
    1429           0 :             if (parser->type == PHP_HTTP_REQUEST || php_http_should_keep_alive(parser)) {
    1430             :               /* Assume content-length 0 - read the next */
    1431           0 :               CALLBACK2(message_complete);
    1432           0 :               state = NEW_MESSAGE();
    1433             :             } else {
    1434             :               /* Read body until EOF */
    1435           0 :               state = s_body_identity_eof;
    1436             :             }
    1437             :           }
    1438             :         }
    1439             : 
    1440           0 :         break;
    1441             :       }
    1442             : 
    1443             :       case s_body_identity:
    1444           0 :         assert(pe >= p);
    1445             : 
    1446           0 :         to_read = MIN((size_t)(pe - p), (size_t)parser->content_length);
    1447           0 :         if (to_read > 0) {
    1448           0 :           if (settings->on_body) settings->on_body(parser, p, to_read);
    1449           0 :           p += to_read - 1;
    1450           0 :           parser->content_length -= to_read;
    1451           0 :           if (parser->content_length == 0) {
    1452           0 :             CALLBACK2(message_complete);
    1453           0 :             state = NEW_MESSAGE();
    1454             :           }
    1455             :         }
    1456           0 :         break;
    1457             : 
    1458             :       /* read until EOF */
    1459             :       case s_body_identity_eof:
    1460           0 :         to_read = pe - p;
    1461           0 :         if (to_read > 0) {
    1462           0 :           if (settings->on_body) settings->on_body(parser, p, to_read);
    1463           0 :           p += to_read - 1;
    1464             :         }
    1465           0 :         break;
    1466             : 
    1467             :       case s_chunk_size_start:
    1468             :       {
    1469           0 :         assert(parser->flags & F_CHUNKED);
    1470             : 
    1471           0 :         c = unhex[(unsigned char)ch];
    1472           0 :         if (c == -1) goto error;
    1473           0 :         parser->content_length = c;
    1474           0 :         state = s_chunk_size;
    1475           0 :         break;
    1476             :       }
    1477             : 
    1478             :       case s_chunk_size:
    1479             :       {
    1480           0 :         assert(parser->flags & F_CHUNKED);
    1481             : 
    1482           0 :         if (ch == CR) {
    1483           0 :           state = s_chunk_size_almost_done;
    1484           0 :           break;
    1485             :         }
    1486             : 
    1487           0 :         c = unhex[(unsigned char)ch];
    1488             : 
    1489           0 :         if (c == -1) {
    1490           0 :           if (ch == ';' || ch == ' ') {
    1491           0 :             state = s_chunk_parameters;
    1492           0 :             break;
    1493             :           }
    1494           0 :           goto error;
    1495             :         }
    1496             : 
    1497           0 :         parser->content_length *= 16;
    1498           0 :         parser->content_length += c;
    1499           0 :         break;
    1500             :       }
    1501             : 
    1502             :       case s_chunk_parameters:
    1503             :       {
    1504           0 :         assert(parser->flags & F_CHUNKED);
    1505             :         /* just ignore this shit. TODO check for overflow */
    1506           0 :         if (ch == CR) {
    1507           0 :           state = s_chunk_size_almost_done;
    1508           0 :           break;
    1509             :         }
    1510           0 :         break;
    1511             :       }
    1512             : 
    1513             :       case s_chunk_size_almost_done:
    1514             :       {
    1515           0 :         assert(parser->flags & F_CHUNKED);
    1516             :         STRICT_CHECK(ch != LF);
    1517             : 
    1518           0 :         if (parser->content_length == 0) {
    1519           0 :           parser->flags |= F_TRAILING;
    1520           0 :           state = s_header_field_start;
    1521             :         } else {
    1522           0 :           state = s_chunk_data;
    1523             :         }
    1524           0 :         break;
    1525             :       }
    1526             : 
    1527             :       case s_chunk_data:
    1528             :       {
    1529           0 :         assert(parser->flags & F_CHUNKED);
    1530           0 :         assert(pe >= p);
    1531             : 
    1532           0 :         to_read = MIN((size_t)(pe - p), (size_t)(parser->content_length));
    1533             : 
    1534           0 :         if (to_read > 0) {
    1535           0 :           if (settings->on_body) settings->on_body(parser, p, to_read);
    1536           0 :           p += to_read - 1;
    1537             :         }
    1538             : 
    1539           0 :         if (to_read == parser->content_length) {
    1540           0 :           state = s_chunk_data_almost_done;
    1541             :         }
    1542             : 
    1543           0 :         parser->content_length -= to_read;
    1544           0 :         break;
    1545             :       }
    1546             : 
    1547             :       case s_chunk_data_almost_done:
    1548           0 :         assert(parser->flags & F_CHUNKED);
    1549             :         STRICT_CHECK(ch != CR);
    1550           0 :         state = s_chunk_data_done;
    1551           0 :         break;
    1552             : 
    1553             :       case s_chunk_data_done:
    1554           0 :         assert(parser->flags & F_CHUNKED);
    1555             :         STRICT_CHECK(ch != LF);
    1556           0 :         state = s_chunk_size_start;
    1557           0 :         break;
    1558             : 
    1559             :       default:
    1560           0 :         assert(0 && "unhandled state");
    1561             :         goto error;
    1562             :     }
    1563             :   }
    1564             : 
    1565           0 :   CALLBACK_NOCLEAR(header_field);
    1566           0 :   CALLBACK_NOCLEAR(header_value);
    1567           0 :   CALLBACK_NOCLEAR(fragment);
    1568           0 :   CALLBACK_NOCLEAR(query_string);
    1569           0 :   CALLBACK_NOCLEAR(path);
    1570           0 :   CALLBACK_NOCLEAR(url);
    1571             : 
    1572           0 :   parser->state = state;
    1573           0 :   parser->header_state = header_state;
    1574           0 :   parser->index = index;
    1575           0 :   parser->nread = nread;
    1576             : 
    1577           0 :   return len;
    1578             : 
    1579             : error:
    1580           0 :   parser->state = s_dead;
    1581           0 :   return (p - data);
    1582             : }
    1583             : 
    1584             : 
    1585             : int
    1586           0 : php_http_should_keep_alive (php_http_parser *parser)
    1587             : {
    1588           0 :   if (parser->http_major > 0 && parser->http_minor > 0) {
    1589             :     /* HTTP/1.1 */
    1590           0 :     if (parser->flags & F_CONNECTION_CLOSE) {
    1591           0 :       return 0;
    1592             :     } else {
    1593           0 :       return 1;
    1594             :     }
    1595             :   } else {
    1596             :     /* HTTP/1.0 or earlier */
    1597           0 :     if (parser->flags & F_CONNECTION_KEEP_ALIVE) {
    1598           0 :       return 1;
    1599             :     } else {
    1600           0 :       return 0;
    1601             :     }
    1602             :   }
    1603             : }
    1604             : 
    1605             : 
    1606           0 : const char * php_http_method_str (enum php_http_method m)
    1607             : {
    1608           0 :   return method_strings[m];
    1609             : }
    1610             : 
    1611             : 
    1612             : void
    1613           0 : php_http_parser_init (php_http_parser *parser, enum php_http_parser_type t)
    1614             : {
    1615           0 :   parser->type = t;
    1616           0 :   parser->state = (t == PHP_HTTP_REQUEST ? s_start_req : (t == PHP_HTTP_RESPONSE ? s_start_res : s_start_req_or_res));
    1617           0 :   parser->nread = 0;
    1618           0 :   parser->upgrade = 0;
    1619           0 :   parser->flags = 0;
    1620           0 :   parser->method = 0;
    1621           0 : }

Generated by: LCOV version 1.10

Generated at Tue, 25 Aug 2015 07:24:33 +0000 (3 days ago)

Copyright © 2005-2015 The PHP Group
All rights reserved.