curl-library
Incorrect size passed to the writer function set by CURLOPT_WRITEFUNCTION
Date: Tue, 13 May 2014 20:46:08 +0530
We have an issue with the response copied to the user buffer by the writer
function specified with the CURLOPT_WRITEFUNCTION. It appears that the
pointer passed to the writer function is offset by two bytes from the
actual start of the response but the size is not decremented.
Snippet from the code:
size_t write_data(void *contents, size_t size, size_t nmemb, void *userp)
{
char* ptr = (char*)contents;
cout << "Buffer at source :" <<endl;
for (int i=0;i < (size* nmemb);i++ )
cout<<*(ptr+i);
((std::string*)userp)->append((char*)contents, size * nmemb);
cout<<"Size : "<<size<<" nmemb: "<<nmemb<<endl;
return size * nmemb;
}
int main()
{
std::string outbuf;
vector <string> header;
header.push_back("Content-Type: application/xml; charset=\"utf-8\"");
header.push_back("CIMOperation: MethodCall");
header.push_back("CIMMethod: sample_method");
string xmlString("dummy xml string");
CURLcode ret = CURLE_FAILED_INIT;
CURL *hnd = curl_easy_init();
if(NULL != hnd) {
curl_slist *headerArray = NULL;
//Append the custom headers to curl_slist structure
for(int i=0; i < header.size(); ++i) {
headerArray =
curl_slist_append(headerArray,header[i].c_str());
}
curl_easy_setopt(hnd, CURLOPT_URL,"https://abc.xyz.com:123/cimom");
curl_easy_setopt(hnd, CURLOPT_HEADER, 1);
curl_easy_setopt(hnd, CURLOPT_PROXY, NULL);
curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, write_data);
curl_easy_setopt(hnd, CURLOPT_WRITEDATA,&outbuf);
curl_easy_setopt(hnd, CURLOPT_POST, 1);
curl_easy_setopt(hnd, CURLOPT_TIMEOUT, 120);
curl_easy_setopt(hnd, CURLOPT_UNRESTRICTED_AUTH, 1);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS,xmlString.c_str());
curl_easy_setopt(hnd, CURLOPT_POSTFIELDSIZE, xmlString.size());
curl_easy_setopt(hnd, CURLOPT_SSLCERT,"/etc/apache/server.crt" );
curl_easy_setopt(hnd, CURLOPT_SSLCERTTYPE, "PEM");
curl_easy_setopt(hnd, CURLOPT_SSLKEY, "/etc/apache/server.key");
curl_easy_setopt(hnd, CURLOPT_SSH_PRIVATE_KEYFILE,
"/etc/apache/server.crt");
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0);
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1);
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headerArray);
curl_easy_setopt(hnd, CURLOPT_NOSIGNAL, 1);
ret = curl_easy_perform(hnd);
curl_slist_free_all(headerArray);
curl_easy_cleanup(hnd);
}
return 0;
}
Sample output:
< HTTP/1.1 401 Unauthorized
Buffer at source :
HTTP/1.1 401 Unauthorized
Size : 1 nmemb: 27
This is resulting in a buffer out-of-bounds access. I need help to identify
if there is anything wrong in the usage of the CURLOPT_WRITEFUNCTION
function or this is a known issue?
Thanks in advance for your help!
Regards
Rashmi
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-05-13