Skip to content

/curl

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Incorrect EOF handling with "-F field=<-" #1281

Closed
shachaf opened this Issue Feb 23, 2017 · 4 comments

Comments

Assignees
No one assigned
Labels
HTTP
Projects
None yet
Milestone
No milestone
2 participants
@shachaf @bagder
@shachaf
Copy link

shachaf commented Feb 23, 2017

To reproduce: Run curl -F 'field=<-' 'http://example.com/', then type "abc\n" and press ^D; curl will continue waiting for input until you press ^D a second time.

The bug is caused by the use of fread() in Curl_getformdata() (code at the time of writing). In the example above, fread() will return 4 after the first call, even at EOF. To handle EOF correctly, the code should check feof() explicitly.

@bagder bagder added the HTTP label Feb 23, 2017

@bagder

This comment has been minimized.

Sign in to view
Copy link
Member

bagder commented Feb 23, 2017

Sounds perfectly reasonable! Like this:

diff --git a/lib/formdata.c b/lib/formdata.c
index c12227623..668f5da0e 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -3,11 +3,11 @@
  *  Project                     ___| | | |  _ \| |
  *                             / __| | | | |_) | |
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
  * are also available at https://curl.haxx.se/docs/copyright.html.
  *
@@ -1332,10 +1332,12 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
             char buffer[512];
             while((nread = fread(buffer, 1, sizeof(buffer), fileread)) != 0) {
               result = AddFormData(&form, FORM_CONTENT, buffer, nread, &size);
               if(result)
                 break;
+              if(feof(fileread))
+                break;
             }
           }
         }
         else {
           if(data)
@shachaf

This comment has been minimized.

Sign in to view
Copy link
Author

shachaf commented Feb 23, 2017

While you're at it you may also want to check for ferror(), which is a separate condition from feof().
@bagder

This comment has been minimized.

Sign in to view
Copy link
Member

bagder commented Feb 23, 2017

True. But what errors could that really be when reading from stdin that don't also end the stream? I suppose it won't do any harm to check for them too, but I'm thinking we ignore the error and use the read data up until that point anyway...

@bagder bagder closed this in 86f5660 Feb 23, 2017

@bagder

This comment has been minimized.

Sign in to view
Copy link
Member

bagder commented Feb 23, 2017

Thanks!

@lock lock bot locked as resolved and limited conversation to collaborators May 6, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.