Factor out code to read mailboxes, and make read more robust
New tel_read_header(), tel_read_body(). Use them in rea(), show_first_tel(), copy_and_expire(). rea() now stops when it encounters a corrupt telegram, and logs the problem. Before, error detection was incomplete, and errors were not logged. Corrupt mailboxes could make it crash. show_first_tel() and copy_and_expire() can now cope with telegrams of arbitrary length, like rea(), and sanity-check the header fields they don't actually use.
This commit is contained in:
parent
6f1e669bea
commit
4238323d63
5 changed files with 114 additions and 76 deletions
|
|
@ -36,6 +36,7 @@
|
|||
#include <stdio.h>
|
||||
#include "optlist.h"
|
||||
#include "tel.h"
|
||||
#include "prototypes.h"
|
||||
|
||||
char *
|
||||
mailbox(char *buf, natid cn)
|
||||
|
|
@ -43,3 +44,57 @@ mailbox(char *buf, natid cn)
|
|||
sprintf(buf, "%s/tel%d", teldir, cn);
|
||||
return buf;
|
||||
}
|
||||
|
||||
/*
|
||||
* Read telegram header from FP into TEL.
|
||||
* MBOX is the file name, it is used for logging errors.
|
||||
* Return 1 on success, 0 on EOF, -1 on error.
|
||||
*/
|
||||
int
|
||||
tel_read_header(FILE *fp, char *mbox, struct telstr *tel)
|
||||
{
|
||||
size_t n;
|
||||
|
||||
n = fread(tel, 1, sizeof(*tel), fp);
|
||||
if (n == 0 && feof(fp))
|
||||
return 0;
|
||||
if (n != sizeof(*tel)
|
||||
|| tel->tel_type > TEL_LAST || tel->tel_from > MAXNOC) {
|
||||
logerror("Mailbox %s corrupt: bad header", mbox);
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Read telegram body from FP.
|
||||
* MBOX is the file name, it is used for logging errors.
|
||||
* TEL is the header.
|
||||
* Unless SINK is null, it is called like SINK(CHUNK, SZ, ARG) to
|
||||
* consume the body, chunk by chunk. The chunks are UTF-8, and
|
||||
* CHUNK[SZ} is 0. Reading fails when SINK() returns a negative
|
||||
* value.
|
||||
* Return 0 on success, -1 on failure.
|
||||
*/
|
||||
int
|
||||
tel_read_body(FILE *fp, char *mbox, struct telstr *tel,
|
||||
int (*sink)(char *, size_t, void *),
|
||||
void *arg)
|
||||
{
|
||||
char buf[4096];
|
||||
size_t left, sz;
|
||||
|
||||
left = tel->tel_length;
|
||||
while (left) {
|
||||
sz = MIN(left, sizeof(buf) - 1);
|
||||
if (fread(buf, 1, sz, fp) != sz) {
|
||||
logerror("Mailbox %s corrupt: can't read body", mbox);
|
||||
return -1;
|
||||
}
|
||||
buf[sz] = 0;
|
||||
if (sink && sink(buf, sz, arg) < 0)
|
||||
return -1;
|
||||
left -= sz;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue