Fix crash in malloc (#6583)

* Server Crashing: URL search path The system was setting NULL in an address without to have the values * Server Crashing: URL script After to fix the SSL, the script were not 100% compatible, so I am bringing the solution here * Server Crashing: Fixes reported in the issue related a possible NULL value to be kept and wrong variable * Server Crashing: Readable code and missing if It was a missing if yet, so I changed it, no less important I inverted the check order inside if to be more readable
author: thiagoftsm <thiagoftsm@gmail.com> 2019-08-01 15:05:31 +0000
committer: Paul Emm. Katsoulakis <34388743+paulkatsoulakis@users.noreply.github.com> 2019-08-01 18:05:31 +0300
commit: 2db6d758f843fbf6f50f303e6a704deeff3bcc8e (patch)
tree: 41ac39d770640f93e20f5e64bd6e0b5307b373bc /web/server
parent: deb3623fdccde61207bc21753ac0284ecb259d79 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/web/server/web_client.c b/web/server/web_client.c
index 2da6c1dec1..abd37a8f49 100644
--- a/web/server/web_client.c
+++ b/web/server/web_client.c
@@ -929,7 +929,6 @@ void web_client_split_path_query(struct web_client *w, char *s) {
 
     w->separator = 0x00;
     w->url_path_length = strlen(s);
-    w->url_search_path = NULL;
 }
 
 /**
@@ -1035,20 +1034,22 @@ static inline HTTP_VALIDATION http_request_validate(struct web_client *w) {
                 // a valid complete HTTP request found
 
                 *ue = '\0';
+                //This is to avoid crash in line
+                w->url_search_path = NULL;
                 if(w->mode != WEB_CLIENT_MODE_NORMAL) {
                     if(!url_decode_r(w->decoded_url, encoded_url, NETDATA_WEB_REQUEST_URL_SIZE + 1))
                         return HTTP_VALIDATION_MALFORMED_URL;
                 } else {
                     web_client_split_path_query(w, encoded_url);
 
-                    if (w->separator) {
+                    if (w->url_search_path && w->separator) {
                         *w->url_search_path = 0x00;
                     }
 
                     if(!url_decode_r(w->decoded_url, encoded_url, NETDATA_WEB_REQUEST_URL_SIZE + 1))
                         return HTTP_VALIDATION_MALFORMED_URL;
 
-                    if (w->separator) {
+                    if (w->url_search_path && w->separator) {
                         *w->url_search_path = w->separator;
 
                         char *from = (encoded_url + w->url_path_length);
@@ -1064,7 +1065,7 @@ static inline HTTP_VALIDATION http_request_validate(struct web_client *w) {
                 // copy the URL - we are going to overwrite parts of it
                 // TODO -- ideally we we should avoid copying buffers around
                 strncpyz(w->last_url, w->decoded_url, NETDATA_WEB_REQUEST_URL_SIZE);
-                if (w->separator) {
+                if (w->url_search_path && w->separator) {
                     *w->url_search_path = 0x00;
                 }
 #ifdef ENABLE_HTTPS
author	thiagoftsm <thiagoftsm@gmail.com>	2019-08-01 15:05:31 +0000
committer	Paul Emm. Katsoulakis <34388743+paulkatsoulakis@users.noreply.github.com>	2019-08-01 18:05:31 +0300
commit	2db6d758f843fbf6f50f303e6a704deeff3bcc8e (patch)
tree	41ac39d770640f93e20f5e64bd6e0b5307b373bc /web/server
parent	deb3623fdccde61207bc21753ac0284ecb259d79 (diff)