RubyGems - agoo - Versions diffs - 2.5.6 → 2.5.7 - Mend

agoo 2.5.6 → 2.5.7

Potentially problematic release.

This version of agoo might be problematic. Click here for more details.

Files changed (16) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cad69f3ff26f2495acc27644889572dceafba42fffe0bf15b27f3ed711f764a6
-  data.tar.gz: c47ac0aca4a90eebb507bf64d3da2508bc9ce1e608d281f351ea1745ad0cb745
+  metadata.gz: cf9915f94b902db5415c971deaa9b1acbcf1a293656958fe78b4b467256ce858
+  data.tar.gz: 3e6a90cff696e575faa58cd5e18af23234eedab8c0478f5ecb5ec8b385de56e4
 SHA512:
-  metadata.gz: cdd0fb689b6e1afa3b65c4cbb5b2c7151b7d76202aa0c58a57d30a8bf2e1d3cdb026f15a731745eab042f762639ed29094c065354c942cf4c2b20cd99c11d53b
-  data.tar.gz: 3c82c32e1e52ccd0da66b47c94365d236c27ea4c7be7812fb9a5d8a91d880c9d6838a4734e1ddf00f77ed3fd8de3a3583f83bdf4e02c235483c27da27d0573c4
+  metadata.gz: 773278757468ee34167b62a2cbf41d0c35caf3240b595d5b500222045acd247273317f84fd9e25dc8b1dfbe2afce1585bbfcda360e458c15e9a28493dc078938
+  data.tar.gz: 68fadbf82b989ebc4ae2deb35209f5aff9f7d1a6a289b8d53cbab8c7930a44e93ba9515a36e15d5ed0fb9d3e6717d2c0678606c6b9c62330839b278b4e59c41b

data/CHANGELOG.md CHANGED

@@ -1,5 +1,13 @@
 # CHANGELOG
+### 2.5.7 - 2018-12-03
+Bad release fix along with upload example.
+- Additional return value checking on `strdup`, `strndup`, and `fstat`.
+- Fix double free when a connection times out.
 ### 2.5.6 - 2018-11-26
 Even more cleanup and minor performance tweak.

data/ext/agoo/bind.c CHANGED

@@ -26,7 +26,10 @@ agoo_bind_port(agooErr err, int port) {
 	b->family = AF_INET;
 	snprintf(id, sizeof(id) - 1, "http://:%d", port);
 	strcpy(b->scheme, "http");
-	b->id = strdup(id);
+	if (NULL == (b->id = strdup(id))) {
+	    agoo_err_set(err, AGOO_ERR_MEMORY, "strdup of bind id failed.");
+	    return NULL;
+	}
 	b->kind = AGOO_CON_HTTP;
 	b->read = NULL;
 	b->write = NULL;
@@ -70,7 +73,10 @@ url_tcp(agooErr err, const char *url, const char *scheme) {
 	b->addr4 = addr;
 	b->family = AF_INET;
 	snprintf(id, sizeof(id), "%s://%s:%d", scheme, inet_ntoa(addr), port);
-	b->id = strdup(id);
+	if (NULL == (b->id = strdup(id))) {
+	    agoo_err_set(err, AGOO_ERR_MEMORY, "strdup of bind id failed.");
+	    return NULL;
+	}
 	strncpy(b->scheme, scheme, sizeof(b->scheme));
 	b->scheme[sizeof(b->scheme) - 1] = '\0';
 	b->kind = AGOO_CON_HTTP;
@@ -113,7 +119,10 @@ url_tcp6(agooErr err, const char *url, const char *scheme) {
 	b->addr6 = addr;
 	b->family = AF_INET6;
 	snprintf(buf, sizeof(buf), "%s://[%s]:%d", scheme, inet_ntop(AF_INET6, &addr, str, INET6_ADDRSTRLEN), port);
-	b->id = strdup(buf);
+	if (NULL == (b->id = strdup(buf))) {
+	    agoo_err_set(err, AGOO_ERR_MEMORY, "strdup of bind id failed.");
+	    return NULL;
+	}
 	strncpy(b->scheme, scheme, sizeof(b->scheme));
 	b->scheme[sizeof(b->scheme) - 1] = '\0';
 	b->kind = AGOO_CON_HTTP;
@@ -142,9 +151,15 @@ url_named(agooErr err, const char *url) {
 	    DEBUG_ALLOC(mem_bind, b);
 	    memset(b, 0, sizeof(struct _agooBind));
-	    b->name = strdup(url);
+	    if (NULL == (b->name = strdup(url))) {
+		agoo_err_set(err, AGOO_ERR_MEMORY, "strdup of bind url failed.");
+		return NULL;
+	    }
 	    snprintf(id, sizeof(id) - 1, fmt, url);
-	    b->id = strdup(id);
+	    if (NULL == (b->id = strdup(id))) {
+		agoo_err_set(err, AGOO_ERR_MEMORY, "strdup of bind id failed.");
+		return NULL;
+	    }
 	    strcpy(b->scheme, "unix");
 	    b->kind = AGOO_CON_HTTP;
 	    b->read = NULL;

data/ext/agoo/con.c CHANGED

@@ -24,7 +24,7 @@
 #include "upgraded.h"
 #include "websocket.h"
-#define CON_TIMEOUT		5.0
+#define CON_TIMEOUT		10.0
 #define INITIAL_POLL_SIZE	1024
 typedef enum {
@@ -91,7 +91,7 @@ agoo_con_destroy(agooCon c) {
 	c->up = NULL;
     }
     agoo_log_cat(&agoo_con_cat, "Connection %llu closed.", (unsigned long long)c->id);
-    DEBUG_FREE(mem_con, c)
+    DEBUG_FREE(mem_con, c);
     free(c);
 }
@@ -1023,16 +1023,12 @@ con_ready_check(void *ctx, double now) {
     if (c->dead || 0 == c->sock) {
 	if (remove_dead_res(c)) {
-	    agoo_con_destroy(c);
 	    return false;
 	}
     } else if (0.0 == c->timeout || now < c->timeout) {
 	return true;
     } else if (c->closing) {
 	if (remove_dead_res(c)) {
-	    agoo_con_destroy(c);
 	    return false;
 	}
     } else if (AGOO_CON_WS == c->bind->kind || AGOO_CON_SSE == c->bind->kind) {

data/ext/agoo/gqlvalue.c CHANGED

@@ -719,8 +719,8 @@ gql_i64_set(gqlValue value, int64_t i) {
     value->i64 = i;
 }
-void
-gql_string_set(gqlValue value, const char *str, int len) {
+int
+gql_string_set(agooErr err, gqlValue value, const char *str, int len) {
     value->type = &gql_string_type;
     if (NULL == str) {
 	value->str = NULL;
@@ -732,9 +732,12 @@ gql_string_set(gqlValue value, const char *str, int len) {
 	    value->type = &gql_str16_type;
 	    strncpy(value->str16, str, len);
 	} else {
-	    value->str = strndup(str, len);
+	    if (NULL == (value->str = strndup(str, len))) {
+		return agoo_err_set(err, AGOO_ERR_MEMORY, "strndup of length %d failed.", len);
+	    }
 	}
     }
+    return AGOO_ERR_OK;
 }
 int
@@ -746,7 +749,9 @@ gql_url_set(agooErr err, gqlValue value, const char *url, int len) {
 	if (0 >= len) {
 	    len = (int)strlen(url);
 	}
-	value->url = strndup(url, len);
+	if (NULL == (value->url = strndup(url, len))) {
+	    return agoo_err_set(err, AGOO_ERR_MEMORY, "strndup of length %d failed.", len);
+	}
     }
     return AGOO_ERR_OK;
 }
@@ -905,7 +910,10 @@ gql_string_create(agooErr err, const char *str, int len) {
     }
     if ((int)sizeof(v->str16) <= len) {
 	if (NULL != (v = value_create(&gql_string_type))) {
-	    v->str = strndup(str, len);
+	    if (NULL == (v->str = strndup(str, len))) {
+		agoo_err_set(err, AGOO_ERR_MEMORY, "strndup of length %d failed.", len);
+		return NULL;
+	    }
 	}
     } else {
 	if (NULL != (v = value_create(&gql_str16_type))) {
@@ -924,7 +932,11 @@ gql_url_create(agooErr err, const char *url, int len) {
 	len = (int)strlen(url);
     }
     if (NULL != v) {
-	v->str = strndup(url, len);
+	if (NULL == (v->str = strndup(url, len))) {
+	    agoo_err_set(err, AGOO_ERR_MEMORY, "strndup of length %d failed.", len);
+	    return NULL;
+	}
     }
     return v;
 }

data/ext/agoo/gqlvalue.h CHANGED

@@ -63,7 +63,7 @@ extern int	gql_object_set(agooErr err, gqlValue obj, const char *key, gqlValue i
 extern void	gql_int_set(gqlValue value, int32_t i);
 extern void	gql_i64_set(gqlValue value, int64_t i);
-extern void	gql_string_set(gqlValue value, const char *str, int len);
+extern int	gql_string_set(agooErr err, gqlValue value, const char *str, int len);
 extern int	gql_url_set(agooErr err, gqlValue value, const char *url, int len);
 extern void	gql_bool_set(gqlValue value, bool b);
 extern void	gql_float_set(gqlValue value, double f);

data/ext/agoo/graphql.c CHANGED

@@ -307,6 +307,10 @@ type_create(agooErr err, const char *name, const char *desc, int dlen, bool lock
 	    } else {
 		type->desc = strndup(desc, dlen);
 	    }
+	    if (NULL == type->desc) {
+		agoo_err_set(err, AGOO_ERR_MEMORY, "strdup or strndup of length %d failed.", dlen);
+		return NULL;
+	    }
 	}
 	type->locked = locked;
 	type->core = false;
@@ -476,7 +480,9 @@ gql_union_add(agooErr err, gqlType type, const char *name, int len) {
     if (0 >= len) {
 	len = (int)strlen(name);
     }
-    link->name = strndup(name, len);
+    if (NULL == (link->name = strndup(name, len))) {
+	return agoo_err_set(err, AGOO_ERR_MEMORY, "strndup of length %d failed.", len);
+    }
     if (NULL == type->types) {
 	link->next = type->types;
 	type->types = link;
@@ -521,8 +527,9 @@ gql_enum_add(agooErr err, gqlType type, const char *value, int len) {
     }
     link->next = type->choices;
     type->choices = link;
-    link->str = strndup(value, len);
+    if (NULL == (link->str = strndup(value, len))) {
+	return agoo_err_set(err, AGOO_ERR_MEMORY, "strdup or strndup of length %d failed.", len);
+    }
     return AGOO_ERR_OK;
 }
@@ -536,7 +543,9 @@ gql_enum_append(agooErr err, gqlType type, const char *value, int len) {
     if (0 >= len) {
 	len = (int)strlen(value);
     }
-    link->str = strndup(value, len);
+    if (NULL == (link->str = strndup(value, len))) {
+	return agoo_err_set(err, AGOO_ERR_MEMORY, "strdup or strndup of length %d failed.", len);
+    }
     if (NULL == type->choices) {
 	link->next = type->choices;
 	type->choices = link;
@@ -655,6 +664,10 @@ gql_directive_create(agooErr err, const char *name, const char *desc, int dlen,
 	} else {
 	    dir->desc = strndup(desc, dlen);
 	}
+	if (NULL == dir->desc) {
+	    agoo_err_set(err, AGOO_ERR_MEMORY, "strdup or strndup of length %d failed.", dlen);
+	    return NULL;
+	}
     }
     return dir;
 }
@@ -686,6 +699,10 @@ gql_dir_arg(agooErr 		err,
 	} else {
 	    a->desc = strndup(desc, dlen);
 	}
+	if (NULL == a->desc) {
+	    agoo_err_set(err, AGOO_ERR_MEMORY, "strdup or strndup of length %d failed.", dlen);
+	    return NULL;
+	}
 	a->default_value = def_value;
 	a->dir = NULL;
 	a->required = required;
@@ -722,8 +739,9 @@ gql_directive_on(agooErr err, gqlDir d, const char *on, int len) {
 	}
 	loc->next = link;
     }
-    link->str = strndup(on, len);
+    if (NULL == (link->str = strndup(on, len))) {
+	return agoo_err_set(err, AGOO_ERR_MEMORY, "strdup or strndup of length %d failed.", len);
+    }
     return AGOO_ERR_OK;
 }

data/ext/agoo/log.c CHANGED

@@ -488,12 +488,13 @@ set_entry(agooLogEntry e, agooLogCat cat, const char *tid, const char *fmt, va_l
 	    }
     }
     if (NULL != tid) {
+	e->tidp = NULL;
 	if (strlen(tid) < sizeof(e->tid)) {
 	    strcpy(e->tid, tid);
-	    e->tidp = NULL;
 	} else {
-	    e->tidp = strdup(tid);
-	    *e->tid = '\0';
+	    if (NULL != (e->tidp = strdup(tid))) {
+		*e->tid = '\0';
+	    }
 	}
     } else {
 	e->tidp = NULL;

data/ext/agoo/page.c CHANGED

@@ -440,10 +440,13 @@ update_contents(agooPage p) {
     // fstat is called to get the file mode and verify it is a regular file or
     // a symlink.
     if (NULL != f) {
-	fstat(fileno(f), &fs);
-	if (!S_ISREG(fs.st_mode) && !S_ISLNK(fs.st_mode)) {
-	    fclose(f);
-	    f = NULL;
+	if (0 == fstat(fileno(f), &fs)) {
+	    if (!S_ISREG(fs.st_mode) && !S_ISLNK(fs.st_mode)) {
+		fclose(f);
+		f = NULL;
+	    }
+	} else {
+	    return close_return_false(f);
 	}
     }
     if (NULL == f) {

data/ext/agoo/rresponse.c CHANGED

@@ -96,7 +96,9 @@ body_set(VALUE self, VALUE val) {
     agooResponse	res = (agooResponse)DATA_PTR(self);
     if (T_STRING == rb_type(val)) {
-	res->body = strdup(StringValuePtr(val));
+	if (NULL == (res->body = strdup(StringValuePtr(val)))) {
+	    rb_raise(rb_eArgError, "failed to copy body");
+	}
 	DEBUG_ALLOC(mem_res_body, res->body)
 	res->blen = (int)RSTRING_LEN(val);
     } else {

data/lib/agoo/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Agoo
   # Agoo version.
-  VERSION = '2.5.6'
+  VERSION = '2.5.7'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: agoo
 version: !ruby/object:Gem::Version
-  version: 2.5.6
+  version: 2.5.7
 platform: ruby
 authors:
 - Peter Ohler
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-11-26 00:00:00.000000000 Z
+date: 2018-12-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oj
@@ -124,16 +124,12 @@ files:
 - ext/agoo/websocket.c
 - ext/agoo/websocket.h
 - lib/agoo.rb
-- lib/agoo/base.rb
-- lib/agoo/client.rb
 - lib/agoo/version.rb
 - lib/rack/handler/agoo.rb
 - test/base_handler_test.rb
 - test/bind_test.rb
 - test/hijack_test.rb
 - test/log_test.rb
-- test/named_client.rb
-- test/named_server.rb
 - test/rack_handler_test.rb
 - test/static_test.rb
 homepage: https://github.com/ohler55/agoo
@@ -167,16 +163,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - Linux or macOS
 rubyforge_project: agoo
-rubygems_version: 2.7.6
+rubygems_version: 2.7.3
 signing_key:
 specification_version: 4
 summary: An HTTP server
 test_files:
-- test/named_client.rb
+- test/base_handler_test.rb
+- test/bind_test.rb
+- test/hijack_test.rb
 - test/log_test.rb
 - test/rack_handler_test.rb
-- test/hijack_test.rb
-- test/named_server.rb
-- test/base_handler_test.rb
 - test/static_test.rb
-- test/bind_test.rb

data/lib/agoo/base.rb DELETED

@@ -1,84 +0,0 @@
-module Agoo
-  # Maybe not the best class name but this class implements the base methds
-  # for a Rack WebSocket/SSE handler. A handler does not have to inherit from
-  # this class but the class does identify the methods supported.
-  class Base
-    attr_accessor :connection
-    def initialize(env)
-      # Nothing needs to be done on initialize although the #call env is
-      # available if desired for some reason on creaton. After #on_open is
-      # called the same env can be accessed through the client.
-    end
-    # Called when the WebSocket or SSE connection has been established. The
-    # client represents the connection and cab be used to send messages to the
-    # JavaScript WebSocket or SSE listener.
-    def on_open(client)
-      # save the client to support a send later on.
-      @connection = client
-    end
-    # Called when the WebSocket or SSE connection is closed.
-    def on_close(client)
-      @connection = nil
-    end
-    # This indicates the send delivery queue is empty. Useful if attempting to
-    # restrict the sends to one at a time.
-    def on_drained(client)
-    end
-    # Called when the JavaScript listener sends a WebSocket message.
-    def on_message(client, data)
-      # Handle a received message.
-    end
-    # Called when an error occurs on the WebSocket or SSE connection.
-    def on_error(client, err_msg)
-      # Handle an error.
-    end
-    # Sends a message to the WebSocket or SSE listener.
-    def send_message(msg)
-      check_connection
-      connection.write(msg)
-    end
-    # Closes the WebSocket or SSE connection. Note the connection can also be
-    # closed by the JavaScript listener.
-    def close
-      check_connection
-      connection.close
-    end
-    # The #subscribe, #unsubscribe, and #publish methods are not part of the
-    # Rack SPEC but add added here to demonstrate the publish and subscribe
-    # add-on that Agoo and Iodine provide. If you think it is something that
-    # should be included in the Rack SPEC we can add that. It was left out as
-    # it made the API more complex and
-    def subscribe(subject)
-      check_connection
-      connection.subscribe(subject)
-    end
-    def unsubscribe(subject=nil)
-      check_connection
-      connection.unsubscribe(subject)
-    end
-    def publish(subject, message)
-      check_connection
-      connection.publish(subject, message)
-    end
-    private
-    def check_connection
-      raise StandardError.new('Not connected') if connection.nil?
-    end
-  end
-end

data/lib/agoo/client.rb DELETED

@@ -1,25 +0,0 @@
-module Agoo
-  # A WebSocket/SSE middleware class. If a WebSocket connection has been
-  # requested by a JavaScript listener then a success status (200) is returned
-  # by the call method otherwise a 404 status is returned.
-  class Client
-    attr_accessor :handler_class
-    def initialize(handler_class)
-      @handler_class = handler_class
-    end
-    def call(env)
-      unless env['rack.upgrade?'].nil?
-	env['rack.upgrade'] = @handler_class.new(env)
-	[ 200, { }, [ ] ]
-      else
-	[ 404, { }, [ ] ]
-      end
-    end
-  end
-end

data/test/named_client.rb DELETED

@@ -1,7 +0,0 @@
-#!/usr/bin/env ruby
-require 'socket'
-UNIXSocket.open("/tmp/sockme") {|c|
-  p c.read #=> "hi\n"
-}

data/test/named_server.rb DELETED

@@ -1,13 +0,0 @@
-#!/usr/bin/env ruby
-require 'socket'
-serv = UNIXServer.new("/tmp/sockme")
-begin
-  sock = serv.accept_nonblock
-  sock.puts "hello"
-  sock.flush()
-rescue IO::WaitReadable, Errno::EINTR
-  IO.select([serv])
-  retry
-end