curl-library
Re: Curl problem/fix
Date: Wed, 3 Apr 2002 13:04:20 +0200 (MET DST)
On Wed, 3 Apr 2002, Tor Arntsen wrote:
[reply CC'ed to the libcurl mailing list for info]
> The current curl does not work very well with sites using the CGI_Lite Perl
> package, because that package uses the form separation strings in regular
> expressions. So whenever curl happens to generate a form separation string
> with the letters '+' or '/' the HTTP request fails.
Thanks for your patch!
This is not a flaw in (lib)curl, this is a bug in the perl package you're
using. RFC2046, section 5.1.1, page 22 clearly states that both these
characters are legal in boundary separators. In fact, there are a whole range
of other characters that are also legal and will cause the same problems for
that perl script (since characters such as ( and ), ? etc also are
regex-letters).
It seems someone was being ignorant of the standards when writing that code.
:-)
Also AFAIK, '/' is not used in regexes...
> The below fix illustrates the problem, but maybe there is a better way.
> It works, anyway.
While I'll accept this patch as it does no harm and increases compatibility
with some web scripts "out there", I strongly urge you to take this issue to
the author of that perl package.
>
> Tor Arntsen (tor_at_spacetec.no)
> --
> Index: lib/formdata.c
> ===================================================================
> RCS file: /cvsroot/curl/curl/lib/formdata.c,v
> retrieving revision 1.35
> diff -u -r1.35 formdata.c
> --- lib/formdata.c 19 Mar 2002 07:54:55 -0000 1.35
> +++ lib/formdata.c 3 Apr 2002 10:19:08 -0000
> @@ -982,8 +982,8 @@
> the same form won't be identical */
> int i;
>
> - static char table64[]=
> - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
> + static char table62[]=
> + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
>
> retstring = (char *)malloc(BOUNDARY_LENGTH);
>
> @@ -995,7 +995,7 @@
> strcpy(retstring, "curl"); /* bonus commercials 8*) */
>
> for(i=4; i<(BOUNDARY_LENGTH-1); i++) {
> - retstring[i] = table64[rand()%64];
> + retstring[i] = table62[rand()%62];
> }
> retstring[BOUNDARY_LENGTH-1]=0; /* zero terminate */
>
>
--
Daniel Stenberg -- curl groks URLs -- http://curl.haxx.se/
Received on 2002-04-03