curl-users
Re: Maybe cURL manual shall state something about the invalid range user input for FTP?
Date: Mon, 16 Apr 2007 16:23:49 +0800
Hi Daniel,
Here is my update to give some prompt for user when they input invalid
character in "-r/--range" option.
main.c:
--- main.c 2007-04-16 16:22:29.000000000 +0800
+++ main.c.update 2007-04-16 16:22:21.000000000 +0800
@@ -2187,9 +2187,25 @@
GetStr(&config->range, buffer);
}
else
- /* byte range requested */
- GetStr(&config->range, nextarg);
-
+ {
+ char* tmp_range;
+ tmp_range=nextarg;
+ while(*tmp_range != '\0')
+ {
+ if(!ISDIGIT(*tmp_range)&&*tmp_range!='-'&&*tmp_range!=',')
+ {
+ warnf(config,"Invalid character is found in user's input
range. "
+ "A specified range MUST have only digits in
\'start\'-\'stop\'. "
+ "Server's response upon this request could be
unexpectable\n");
+ break;
+ }
+
+ tmp_range++;
+ }
+
+ /* byte range requested */
+ GetStr(&config->range, nextarg);
+ }
break;
case 'R':
/* use remote file's time */
curl.1 for man manual:
--- curl.1 2007-04-16 16:06:30.000000000 +0800
+++ curl.1.update 2007-04-16 16:26:33.000000000 +0800
@@ -875,6 +875,11 @@
(*) = NOTE that this will cause the server to reply with a multipart
response!
+Only digit characters (0-9) are valid in 'start' and 'stop' of range syntax
+'start-stop'. If user input any non-digit character in the range, HTTP or
FTP
+server's response could be unexpectable, depending on different server's
+configuration.
+
You should also be aware that many HTTP/1.1 servers do not have this
feature
enabled, so that when you attempt to get a range, you'll instead get the
whole
document.
Any comments please let me know.
Best Regards,
Song Ma
2007/4/15, Daniel Stenberg <daniel_at_haxx.se>:
>
> On Fri, 13 Apr 2007, Song Ma wrote:
>
> > Yes I am willing to make a patch for these.
>
> Great!
>
> > But is there some document or guideline to tell me where I can start
> from?
> > Though I have used and studied cURL a lot before but I am new to
> interactive
> > with community. :)
>
> To add a warning, edit src/main.c
>
> To add something to the curl man page, edit docs/curl.1
>
> Then make a patch with 'diff' (described briefly in docs/CONTRIBUTE) and
> post
> here!
>
> --
> Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
>
Received on 2007-04-16