Aric Stewart wrote:

Index: dlls/wininet/http.c
===================================================================
RCS file: /home/wine/wine/dlls/wininet/http.c,v
retrieving revision 1.113
diff -u -r1.113 http.c
--- dlls/wininet/http.c 22 Nov 2005 14:53:30 -0000      1.113
+++ dlls/wininet/http.c 22 Nov 2005 15:35:24 -0000
@@ -629,6 +634,26 @@

    /* We appear to do nothing with the buffer.. is that correct? */

+    if(!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT))
+    {
+        DWORD dwCode,dwCodeLength=sizeof(DWORD),dwIndex=0;
+        
if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,&dwCode,&dwCodeLength,&dwIndex)
 &&
+            (dwCode==302 || dwCode==301))
+        {
+            WCHAR szNewLocation[2048];
+            DWORD dwBufferSize=2048;
+            dwIndex=0;
+            
if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,&dwIndex))
+            {
+                   static const WCHAR szGET[] = { 'G','E','T', 0 };
+                /* redirects are always GETs */
+                HeapFree(GetProcessHeap(),0,lpwhr->lpszVerb);
+                   lpwhr->lpszVerb = WININET_strdupW(szGET);
+                return HTTP_HandleRedirect(lpwhr, szNewLocation, NULL, 0, 
NULL, 0);
+            }
+        }
+    }
+
    TRACE("%i <--\n",rc);
    return rc;
}
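Review bot: The old verb is freed and `lpwhr->lpszVerb` is reassigned from `WININET_strdupW(szGET)` without checking the result, so an allocation failure leaves a NULL verb for `HTTP_HandleRedirect` to work with; test the pointer and bail out with the function's failure value before the call. `dwBufferSize=2048` is passed for a `WCHAR[2048]` buffer; if HTTP_HttpQueryInfoW takes a byte count like the public HttpQueryInfo API, this is safe but only uses half the buffer, and `DWORD dwBufferSize = sizeof(szNewLocation);` states the intent. Nothing in the hunk bounds how many redirects a server can chain, so if HTTP_HandleRedirect re-enters this path a hop counter is worth adding. The enclosing function starts outside the hunk.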

This proves that HttpSendRequestEx and HttpSendRequest need to share more code.

@@ -1849,13 +1885,26 @@
#endif
HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
-        lpwhs->lpszServerName = WININET_strdupW(hostName);
+        if (urlComponents.nPort != INTERNET_DEFAULT_HTTP_PORT &&
+                urlComponents.nPort != INTERNET_DEFAULT_HTTPS_PORT)
+        {
+            int len;
+            static WCHAR fmt[] = {'%','s',':','%','i',0};
+            len = lstrlenW(hostName);
+            len+=6;
+            lpwhs->lpszServerName = 
HeapAlloc(GetProcessHeap(),0,len*sizeof(WCHAR));

I submitted a patch to unbreak the Host header for proxies, which means you should be changing lpwhs->lpszHostName now.

+            sprintfW(lpwhs->lpszServerName,fmt,hostName,urlComponents.nPort);
+        }
+        else
+            lpwhs->lpszServerName = WININET_strdupW(hostName);
+
+        HTTP_ProcessHeader(lpwhr, g_szHost, lpwhs->lpszServerName, 
HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
+
+
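Review bot: `len+=6` leaves no room for the terminator when the port has five digits: ':' plus up to five digits plus the NUL needs `lstrlenW(hostName) + 7` WCHARs, so `sprintfW` can write one WCHAR past the `HeapAlloc` block. The host and port presumably come from the server-supplied redirect URL, which would make this a remotely influenced heap overrun. The `HeapAlloc` result is also used unchecked, so on failure `sprintfW` writes through NULL. Suggested: `len = lstrlenW(hostName) + 7; /* ':' + 5 digits + NUL */` followed by a NULL check before formatting. The enclosing function starts and ends outside the hunk.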

And you should be sending lpwhs->lpszHostName.

@@ -1868,6 +1917,9 @@
            return FALSE;
        }

+        if (lstrlenW(extra)>0)
+            StrCatW(path,extra);


Why are you using a shlwapi string function? What's wrong with strcatW or lstrcatW?

Also, this could easily cause a buffer overflow by a server sending a redirect with a large query. You need to check that there is enough space before blindly copying into the buffer.

- Rob Shearman


