- XML parser: return error if string exceeds buffer size.

- client: when parsing MD5, use 64 instead of 33 char buffer. When the XML parser reads a string, it enforces the buffer size limit BEFORE it strips whitespace. So if a project put whitespaces before or after the MD5, it would fail to parse.
2013-03-29 22:36:53 -07:00 · 2013-03-29 22:36:53 -07:00 · 93b8289b60
parent 17b0362d27
commit 93b8289b60
5 changed files with 12 additions and 4 deletions
--- a/client/client_types.h
+++ b/client/client_types.h
@ -95,7 +95,7 @@ struct URL_LIST {

 struct FILE_INFO {
    char name[256];
-    char md5_cksum[33];
+    char md5_cksum[MD5_LEN];
    double max_nbytes;
    double nbytes;
    double gzipped_nbytes;  // defined if download_gzipped is true
--- a/lib/md5_file.h
+++ b/lib/md5_file.h
@ -21,6 +21,10 @@
 #include <string>

 // length of buffer to hold an MD5 hash
+// In principle need 32 + 1 for NULL,
+// but leave some room for XML whitespace
+// (since we parse before stripping whitespace)
+//
 #define MD5_LEN 64

 extern int md5_file(const char* path, char* output, double& nbytes);
--- a/lib/parse.cpp
+++ b/lib/parse.cpp
@ -566,6 +566,7 @@ bool XML_PARSER::parse_str(const char* start_tag, char* buf, int len) {
    //
    int retval = get_aux(buf, len, 0, 0);
    if (retval == XML_PARSE_EOF) return false;
+    if (retval == XML_PARSE_OVERFLOW) return false;

    // if it's the end tag, return empty string
    //
--- a/lib/parse.h
+++ b/lib/parse.h
@ -119,7 +119,9 @@ struct XML_PARSER {
    }

    // Scan something, either tag or text.
-    // Strip whitespace at start and end.
+    // Strip whitespace at start and end
+    // (however, the supplied buffer must accommodate this white space).
+    // Ignore comments.
    // Return true iff reached EOF
    //
    inline int get_aux(
--- a/lib/parse_test.cpp
+++ b/lib/parse_test.cpp
@ -13,6 +13,7 @@ void parse(FILE* f) {
    int val;
    double x;

+    strcpy(name, "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
    mf.init_file(f);
    if (!xp.parse_start("blah")) {
        printf("missing start tag\n");
@ -28,8 +29,8 @@ void parse(FILE* f) {
        if (xp.match_tag("/blah")) {
            printf("success\n");
            return;
-        } else if (xp.parse_str("str", name, sizeof(name))) {
-            printf("got str: %s\n", name);
+        } else if (xp.parse_str("str", name, 33)) {
+            printf("got str: [%s]\n", name);
        } else if (xp.parse_int("int", val)) {
            printf("got int: %d\n", val);
        } else if (xp.parse_double("double", x)) {