summaryrefslogtreecommitdiffstats
path: root/src/network
diff options
context:
space:
mode:
Diffstat (limited to 'src/network')
-rw-r--r--src/network/access/qhttpnetworkconnection.cpp14
-rw-r--r--src/network/access/qhttpnetworkreply.cpp61
-rw-r--r--src/network/access/qhttpnetworkreply_p.h2
3 files changed, 55 insertions, 22 deletions
diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp
index af0ac84..d4bf008 100644
--- a/src/network/access/qhttpnetworkconnection.cpp
+++ b/src/network/access/qhttpnetworkconnection.cpp
@@ -586,10 +586,20 @@ void QHttpNetworkConnectionPrivate::receiveReply(QAbstractSocket *socket, QHttpN
QHttpNetworkReplyPrivate::ReplyState state = reply ? reply->d_func()->state : QHttpNetworkReplyPrivate::AllDoneState;
switch (state) {
case QHttpNetworkReplyPrivate::NothingDoneState:
- case QHttpNetworkReplyPrivate::ReadingStatusState:
- bytes += reply->d_func()->readStatus(socket);
+ case QHttpNetworkReplyPrivate::ReadingStatusState: {
+ qint64 statusBytes = reply->d_func()->readStatus(socket);
+ if (statusBytes == -1) {
+ // error reading the status, close the socket and emit error
+ socket->close();
+ reply->d_func()->errorString = errorDetail(QNetworkReply::ProtocolFailure, socket);
+ emit reply->finishedWithError(QNetworkReply::ProtocolFailure, reply->d_func()->errorString);
+ QMetaObject::invokeMethod(q, "_q_startNextRequest", Qt::QueuedConnection);
+ break;
+ }
+ bytes += statusBytes;
channels[i].lastStatus = reply->d_func()->statusCode;
break;
+ }
case QHttpNetworkReplyPrivate::ReadingHeaderState:
bytes += reply->d_func()->readHeader(socket);
if (reply->d_func()->state == QHttpNetworkReplyPrivate::ReadingDataState) {
diff --git a/src/network/access/qhttpnetworkreply.cpp b/src/network/access/qhttpnetworkreply.cpp
index 4485485..310994c 100644
--- a/src/network/access/qhttpnetworkreply.cpp
+++ b/src/network/access/qhttpnetworkreply.cpp
@@ -409,39 +409,62 @@ qint64 QHttpNetworkReplyPrivate::readStatus(QAbstractSocket *socket)
if (fragment.endsWith('\r')) {
fragment.truncate(fragment.length()-1);
}
- parseStatus(fragment);
+ bool ok = parseStatus(fragment);
state = ReadingHeaderState;
fragment.clear(); // next fragment
+
+ if (!ok)
+ return -1;
break;
} else {
c = 0;
bytes += socket->read(&c, 1);
fragment.append(c);
}
+
+ // is this a valid reply?
+ if (fragment.length() >= 5 && !fragment.startsWith("HTTP/"))
+ return -1;
+
}
+
return bytes;
}
-void QHttpNetworkReplyPrivate::parseStatus(const QByteArray &status)
+bool QHttpNetworkReplyPrivate::parseStatus(const QByteArray &status)
{
- const QByteArrayMatcher sp(" ");
- int i = sp.indexIn(status);
- const QByteArray version = status.mid(0, i);
- int j = sp.indexIn(status, i + 1);
+ // from RFC 2616:
+ // Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF
+ // HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT
+ // that makes: 'HTTP/n.n xxx Message'
+ // byte count: 0123456789012
+
+ static const int minLength = 11;
+ static const int dotPos = 6;
+ static const int spacePos = 8;
+ static const char httpMagic[] = "HTTP/";
+
+ if (status.length() < minLength
+ || !status.startsWith(httpMagic)
+ || status.at(dotPos) != '.'
+ || status.at(spacePos) != ' ') {
+ // I don't know how to parse this status line
+ return false;
+ }
+
+ // optimize for the valid case: defer checking until the end
+ majorVersion = status.at(dotPos - 1) - '0';
+ minorVersion = status.at(dotPos + 1) - '0';
+
+ int i = spacePos;
+ int j = status.indexOf(' ', i + 1); // j == -1 || at(j) == ' ' so j+1 == 0 && j+1 <= length()
const QByteArray code = status.mid(i + 1, j - i - 1);
- const QByteArray reason = status.mid(j + 1, status.count() - j);
-
- const QByteArrayMatcher slash("/");
- int k = slash.indexIn(version);
- const QByteArrayMatcher dot(".");
- int l = dot.indexIn(version, k);
- const QByteArray major = version.mid(k + 1, l - k - 1);
- const QByteArray minor = version.mid(l + 1, version.count() - l);
-
- majorVersion = QString::fromAscii(major.constData()).toInt();
- minorVersion = QString::fromAscii(minor.constData()).toInt();
- statusCode = QString::fromAscii(code.constData()).toInt();
- reasonPhrase = QString::fromAscii(reason.constData());
+
+ bool ok;
+ statusCode = code.toInt(&ok);
+ reasonPhrase = QString::fromLatin1(status.constData() + j + 1);
+
+ return ok && uint(majorVersion) <= 9 && uint(minorVersion) <= 9;
}
qint64 QHttpNetworkReplyPrivate::readHeader(QAbstractSocket *socket)
diff --git a/src/network/access/qhttpnetworkreply_p.h b/src/network/access/qhttpnetworkreply_p.h
index 238a1da..cc5cce8 100644
--- a/src/network/access/qhttpnetworkreply_p.h
+++ b/src/network/access/qhttpnetworkreply_p.h
@@ -154,7 +154,7 @@ public:
QHttpNetworkReplyPrivate(const QUrl &newUrl = QUrl());
~QHttpNetworkReplyPrivate();
qint64 readStatus(QAbstractSocket *socket);
- void parseStatus(const QByteArray &status);
+ bool parseStatus(const QByteArray &status);
qint64 readHeader(QAbstractSocket *socket);
void parseHeader(const QByteArray &header);
qint64 readBody(QAbstractSocket *socket, QIODevice *out);