webkeonsanjeev / skipfish

Automatically exported from code.google.com/p/skipfish
Apache License 2.0

Uncompress fails while inflating data compressed with mod_deflate (notably Apache) #107

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
version:
  skipfish-1.84b

http_client.c:1563-1564
    err = inflate(&d, Z_FINISH);
    inflateEnd(&d);

Fixup:
    err = inflate(&d, Z_FINISH);
    if (err == Z_DATA_ERROR) {
        // some servers (notably Apache) don't generate zlib headers;
        // insert a dummy header and try again
        static char dummy_head[2] = {
            0x8 + 0x7 * 0x10,
            (((0x8 + 0x7 * 0x10) * 0x100 + 30) / 31 * 31) & 0xFF,
        };
        inflateReset(&d);
        d.next_in = (Bytef*) dummy_head;
        d.avail_in = sizeof(dummy_head);
        err = inflate(&d, Z_NO_FLUSH);
        if (err == Z_OK) {
            // reset stream pointers to our original data
            d.next_out  = tmp_buf;
            d.avail_out = size_limit;
            d.next_in   = res->payload;
            d.avail_in  = res->pay_len;
            // inflate once again
            err = inflate(&d, Z_FINISH);
        }
    }
    inflateEnd(&d);

Original issue reported on code.google.com by bsn0w...@gmail.com on 26 Jan 2011 at 10:27

GoogleCodeExporter commented 8 years ago
I tested this against many Apache instances; is this a problem you were running 
into in practice? In what settings?

Also, what's with the odd arithmetic in dummy_head?

Original comment by lcam...@gmail.com on 26 Jan 2011 at 7:05

GoogleCodeExporter commented 8 years ago
I met this problem while accessing the sites "http://www.looks-shop.com" and 
"http://float2006.tq.cn/floatcard?adminid=9018267&sort=0"
(attention! these sites may have malware, do not access them via IE)

I debugged the code and found that the inflate function returns Z_DATA_ERROR 
all the time.

Original comment by bsn0w...@gmail.com on 31 Jan 2011 at 7:28

GoogleCodeExporter commented 8 years ago
I have met the same problem when I access 
http://baike.baidu.com/view/125139.htm. The deflate is raw, so zlib can't 
handle it. Thanks to bsn0w...

Original comment by faicker...@gmail.com on 8 Jun 2011 at 11:17
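
The dummy_head arithmetic and the raw-deflate failure discussed in this thread, as an added example (not skipfish code and not written by any commenter). It uses Python's zlib binding rather than the C API; the function names and the sample body are constructed for illustration.

```python
import zlib

def dummy_zlib_header() -> bytes:
    """dummy_head from the fixup: a valid 2-byte zlib (RFC 1950) header."""
    cmf = 0x8 + 0x7 * 0x10  # CM=8 (deflate) | CINFO=7 (32 KiB window) -> 0x78
    # FLG: round CMF*256 up to a multiple of 31, keep the low byte -> 0x01
    flg = ((cmf * 0x100 + 30) // 31 * 31) & 0xFF
    return bytes([cmf, flg])

def has_zlib_header(data: bytes) -> bool:
    """Header test zlib applies: method 8, window <= 32 KiB, value % 31 == 0."""
    if len(data) < 2:
        return False
    cmf, flg = data[0], data[1]
    return (cmf & 0x0F) == 8 and (cmf >> 4) <= 7 and ((cmf << 8) | flg) % 31 == 0

def inflate_like_fixup(payload: bytes, size_limit: int = 1 << 20):
    """zlib framing first; on a data error retry behind the dummy header.
    Returns (data, saw_end_of_stream)."""
    d = zlib.decompressobj()
    try:
        out = d.decompress(payload, size_limit)
    except zlib.error:  # Z_DATA_ERROR: payload has no zlib header
        d = zlib.decompressobj()  # fresh state, like inflateReset()
        out = d.decompress(dummy_zlib_header() + payload, size_limit)
    return out, d.eof

def inflate_raw(payload: bytes, size_limit: int = 1 << 20):
    """Alternative retry: negative window bits mean no header and no trailer."""
    d = zlib.decompressobj(-zlib.MAX_WBITS)
    return d.decompress(payload, size_limit), d.eof

def make_samples(body: bytes):
    """Constructed payloads: the same body zlib-wrapped and as raw deflate."""
    c = zlib.compressobj(6, zlib.DEFLATED, -zlib.MAX_WBITS)
    return zlib.compress(body), c.compress(body) + c.flush()

if __name__ == "__main__":
    body = b"<html>constructed sample body</html>" * 20
    for name, p in zip(("zlib-wrapped", "raw deflate"), make_samples(body)):
        data, ended = inflate_like_fixup(p)
        print(name, "header ok:", has_zlib_header(p),
              "body recovered:", data == body, "stream end:", ended)
```

On the raw payload the dummy-header retry recovers the whole body but never reaches end-of-stream, because the Adler-32 trailer that a real zlib stream carries is absent. In C terms the final inflate() on that path does not return Z_STREAM_END, so a caller must not require it there.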