Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HTTP IAP bug #69

Open
khevessy opened this issue Jul 13, 2022 · 2 comments
Open

HTTP IAP bug #69

khevessy opened this issue Jul 13, 2022 · 2 comments
Assignees
Labels
needs clarification Needs clarification or inputs from the user projects Projects-related (demos, applications, examples) issue or pull-request.

Comments

@khevessy
Copy link

khevessy commented Jul 13, 2022

I think there is a potential bug in the HTTP IAP example. In the web server, there this code:

if (strncmp(data, "GET /", 5) == 0)
{
if ((strncmp(data, "GET /resetmcu.cgi", 17) ==0)&&(htmlpage == UploadDonePage))
{
htmlpage = ResetDonePage;
fs_open("/reset.html", &file);
hs->file = file.data;
hs->left = file.len;
pbuf_free(p);
/* send reset.html page */
send_data(pcb, hs);
resetpage = 1;
/* Tell TCP that we wish be to informed of data that has been
successfully sent by a call to the http_sent() function. */
tcp_sent(pcb, http_sent);
}
else
{
if (alreadyLoggedIn == 0)
{
/*send the login page (which is the index page) */
htmlpage = LoginPage;
fs_open("/index.html", &file);
hs->file = file.data;
hs->left = file.len;
pbuf_free(p);
/* send index.html page */
send_data(pcb, hs);
/* Tell TCP that we wish be to informed of data that has been
successfully sent by a call to the http_sent() function. */
tcp_sent(pcb, http_sent);
}
}
}

and
if (strncmp(data, "GET /", 5) == 0)
{
if ((strncmp(data, "GET /resetmcu.cgi", 17) ==0)&&(htmlpage == UploadDonePage))
{
htmlpage = ResetDonePage;
fs_open("/reset.html", &file);
hs->file = file.data;
hs->left = file.len;
pbuf_free(p);
/* send reset.html page */
send_data(pcb, hs);
resetpage = 1;
/* Tell TCP that we wish be to informed of data that has been
successfully sent by a call to the http_sent() function. */
tcp_sent(pcb, http_sent);
}
else
{
if (alreadyLoggedIn == 0)
{
/*send the login page (which is the index page) */
htmlpage = LoginPage;
fs_open("/index.html", &file);
hs->file = file.data;
hs->left = file.len;
pbuf_free(p);
/* send index.html page */
send_data(pcb, hs);
/* Tell TCP that we wish be to informed of data that has been
successfully sent by a call to the http_sent() function. */
tcp_sent(pcb, http_sent);
}
}
}

which is used for handling GET request. POST requests are handled in else if() clause on lines 272 and 308. However, when sending of the binary is already happening, this can cause problem when the binary will contain string GET / and it will be just at the beginning of the data packet (it happened to me). Then we will skip this one packet and won't write the data at all.
My proposal for solution would be either add a check for which page are we on to the line 232, or move the clause that is handling the raw data (from line 308) to the beginning of the if.

Similar problem is also in the STM32CubeF4 project, I'll make separate issue there as the code is a little bit different.

@ASELSTM
Copy link
Contributor

ASELSTM commented Aug 16, 2022

Hi @Irisbus,

Would you please give us more details about how you got this issue ? Did you detected it at runtime or is it just an observation ?

With regards,

@ASELSTM ASELSTM self-assigned this Aug 16, 2022
@ASELSTM ASELSTM added needs clarification Needs clarification or inputs from the user projects Projects-related (demos, applications, examples) issue or pull-request. labels Aug 16, 2022
@ASELSTM ASELSTM added the mw Middleware-related issue or pull-request. label Aug 16, 2022
@khevessy
Copy link
Author

khevessy commented Aug 16, 2022

Hi,

yes, we detected it runtime (in an application based on this example). Maybe there is a very slim chance of this occurring but it can happen.

Regards,
Karel

@TOUNSTM TOUNSTM assigned ASEHSTM and unassigned ASELSTM Jun 5, 2024
@ASEHSTM ASEHSTM removed the mw Middleware-related issue or pull-request. label Aug 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needs clarification Needs clarification or inputs from the user projects Projects-related (demos, applications, examples) issue or pull-request.
Projects
Development

No branches or pull requests

3 participants