On 26/01/2026 21:28, Gianluca Cannata wrote:
Il giorno lun 26 gen 2026 alle ore 07:35 Amos Jeffries
<[email protected]> ha scritto:
On 26/01/2026 01:05, Gianluca Cannata wrote:
Hi Amos,
thank you for your feedback.
I have tried to address all of your comments.
Let me know what you think.
Gianluca
Index: httpfs/http.c
===================================================================
--- httpfs.orig/http.c
+++ httpfs/http.c
@@ -34,6 +34,8 @@
#include <hurd/hurd_types.h>
#include <hurd/netfs.h>
+#define MAX_HTTP_STATUS_LINE 256
+
Still need to document that this value is relatively arbitrary. We only
use the first 13 bytes of the first line.
What value do you suggest ?
The number is fine, what is needed is a comment that the value is
arbitrary with a minimum of 13, so others are free to alter it if they
want but know not to go too small.
Technically the HTTP "Reason Phrase" string is unlimited length.
How to protect against it ?
I would have the caller function doing all the I/O and passing the
buffer to this function once it thinks a status line has been received.
/* do a DNS lookup for HOST and store result in *DEST */
error_t lookup_host (const char *host, struct sockaddr_storage *dest,
socklen_t *dest_len, int *socktype, int *protocol)
{
@@ -100,34 +102,73 @@ error_t lookup_host (const char *host, s
return 0;
}
-/* read the first line from the socket and return an error_t error */
+/* read the first line from the socket or return an error_t error */
static error_t translate_http_status (int fd, ssize_t *nread)
{
- char buf[32];
+ char buf[MAX_HTTP_STATUS_LINE];
+ size_t i = 0;
+ ssize_t n;
+ char c;
+ int status;
+
+ *nread = 0;
+
+ /* 1. byte-per-byte read until \n */
+ while (i < sizeof (buf) - 1) {
+ n = read (fd, &c, 1);
+ if (n <= 0) return EIO;
+ buf[i++] = c;
+ if (c == '\n') break;
+ }
I suspect this is heading in a bad direction. AFAIK, system calls are
quite expensive.
We know that a minimum of 13 bytes are needed for this function, so you
can start with that many and reduce by the amount actually received
until that much is read in.
Ok.
After which, you can do whatever to discard the remainder of the line.
No need to even put that part in buf.
How to discard data ? There is a portable way of doing it ?
Loop on a read() call, but do not increment the place in the buffer
which the data is being put. So each cycle it "forgets" what was
received previously. Until nothing, or the EOL delimiter arrives.
If this function keeps doing the read() operations you will need to be
careful not to over-read.
If you have the caller doing the I/O then you can read larger chunks and
shift the buffer contents to keep any of the header section that came in.
HTH
Amos
