@velox0/cerver 0.6.4 → 0.6.5

package/lib/codegen/emit.js

@@ -421,7 +421,10 @@ function emitStringOpBlock(expr, pad, varName) {
       call = `""` ;
   }
 
-  return [`${pad}char *${varName} = ${call};`];
+  return [
+    `${pad}char *${varName} = ${call};`,
+    `${pad}int ${varName}_owned = (${varName} != NULL);`,
+  ];
 }
 
 /**
@@ -447,13 +450,13 @@ function emitConcatBlock(concatExpr, pad, varName) {
   const format = cString(formatParts.join(""));
   const argList = args.length > 0 ? `, ${args.join(", ")}` : "";
 
-  lines.push(`${pad}char *${varName} = malloc(1024);`);
-  lines.push(`${pad}int ${varName}_owned = (${varName} != NULL);`);
+  const lenVarName = `${varName}_len`;
+  lines.push(`${pad}int ${lenVarName} = snprintf(NULL, 0, ${format}${argList});`);
+  lines.push(`${pad}char *${varName} = malloc(${lenVarName} + 1);`);
   lines.push(`${pad}if (${varName}) {`);
-  lines.push(`${pad}    snprintf(${varName}, 1024, ${format}${argList});`);
-  lines.push(`${pad}} else {`);
-  lines.push(`${pad}    ${varName} = "";`);
+  lines.push(`${pad}    snprintf(${varName}, ${lenVarName} + 1, ${format}${argList});`);
   lines.push(`${pad}}`);
+  lines.push(`${pad}int ${varName}_owned = (${varName} != NULL);`);
 
   return lines;
 }
@@ -512,17 +515,41 @@ function emitStatement(stmt, level, ctx) {
   const pad = indent(level);
   const lines = [];
 
+  const genCleanup = (padStr, skipVar = null) => {
+    const cl = [];
+    for (const ownedVar of ctx.ownedStrings) {
+      if (ownedVar !== skipVar) {
+        cl.push(`${padStr}if (${ownedVar}_owned) free((void *)${ownedVar});`);
+      }
+    }
+    return cl;
+  };
+
+  const genOomCheck = (varName) => {
+    const oomPad = pad + "    ";
+    return [
+      `${pad}if (!${varName}) {`,
+      `${oomPad}cerver_res_text(res, 500, "Internal Server Error (OOM)");`,
+      ...genCleanup(oomPad, varName),
+      `${oomPad}return;`,
+      `${pad}}`
+    ];
+  };
+
   switch (stmt.type) {
     case "Return": {
       const fnName = `cerver_res_${stmt.responseType}`;
+      const returnedVarName = (stmt.value && stmt.value.type === "Identifier") ? stmt.value.name : null;
 
       /* Check if the return value involves a fetch() call */
       if (stmt.value && stmt.value.type === "Fetch") {
         const tempName = `_fetch_res_${ctx.fetchVarCounter++}`;
         const fetchBlock = emitFetchBlock(stmt.value, pad, tempName);
         lines.push(...fetchBlock.lines);
+        lines.push(...genOomCheck(tempName));
         lines.push(`${pad}${fnName}(res, ${stmt.status}, ${tempName});`);
         lines.push(`${pad}res->_body_owned = 1;`);
+        lines.push(...genCleanup(pad, tempName));
         lines.push(`${pad}return;`);
       } else if (
         stmt.value &&
@@ -531,8 +558,10 @@ function emitStatement(stmt, level, ctx) {
       ) {
         const tempName = `_concat_res_${ctx.concatVarCounter++}`;
         lines.push(...emitConcatBlock(stmt.value, pad, tempName));
+        lines.push(...genOomCheck(tempName));
         lines.push(`${pad}${fnName}(res, ${stmt.status}, ${tempName});`);
         lines.push(`${pad}if (${tempName}_owned) res->_body_owned = 1;`);
+        lines.push(...genCleanup(pad, tempName));
         lines.push(`${pad}return;`);
       } else if (
         stmt.value &&
@@ -542,8 +571,10 @@ function emitStatement(stmt, level, ctx) {
         /* Heap-allocated string op (tolower, toupper, trim, slice, replace) */
         const tempName = `_strop_res_${ctx.concatVarCounter++}`;
         lines.push(...emitStringOpBlock(stmt.value, pad, tempName));
-        lines.push(`${pad}${fnName}(res, ${stmt.status}, ${tempName} ? ${tempName} : "");`);
-        lines.push(`${pad}if (${tempName}) res->_body_owned = 1;`);
+        lines.push(...genOomCheck(tempName));
+        lines.push(`${pad}${fnName}(res, ${stmt.status}, ${tempName});`);
+        lines.push(`${pad}if (${tempName}_owned) res->_body_owned = 1;`);
+        lines.push(...genCleanup(pad, tempName));
         lines.push(`${pad}return;`);
       } else {
         assertInlineExpression(stmt.value);
@@ -556,6 +587,7 @@ function emitStatement(stmt, level, ctx) {
         ) {
           lines.push(`${pad}res->_body_owned = 1;`);
         }
+        lines.push(...genCleanup(pad, returnedVarName));
         lines.push(`${pad}return;`);
       }
       break;
@@ -632,6 +664,7 @@ function emitStatement(stmt, level, ctx) {
       if (stmt.initExpr && stmt.initExpr.type === "Fetch") {
         const fetchBlock = emitFetchBlock(stmt.initExpr, pad, stmt.name);
         lines.push(...fetchBlock.lines);
+        lines.push(...genOomCheck(stmt.name));
         ctx.ownedStrings.add(stmt.name);
       } else if (
         stmt.initExpr &&
@@ -639,6 +672,7 @@ function emitStatement(stmt, level, ctx) {
         !allLiteralConcat(stmt.initExpr)
       ) {
         lines.push(...emitConcatBlock(stmt.initExpr, pad, stmt.name));
+        lines.push(...genOomCheck(stmt.name));
         ctx.ownedStrings.add(stmt.name);
       } else if (
         stmt.initExpr &&
@@ -647,6 +681,7 @@ function emitStatement(stmt, level, ctx) {
       ) {
         /* Heap-allocated string op result stored in a mutable char * */
         lines.push(...emitStringOpBlock(stmt.initExpr, pad, stmt.name));
+        lines.push(...genOomCheck(stmt.name));
         ctx.ownedStrings.add(stmt.name);
       } else {
         assertInlineExpression(stmt.initExpr);

package/lib/validator/validate.js

@@ -118,10 +118,11 @@ function validate(ast, filePath, source) {
       const decl = node.declaration;
       if (decl.type === "FunctionDeclaration") {
         const name = decl.id.name;
-        if (!["GET", "POST"].includes(name)) {
+        const validMethods = ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS", "HEAD"];
+        if (!validMethods.includes(name)) {
           addError(
             decl,
-            `exported function "${name}" is not a valid HTTP method (use GET or POST)`,
+            `exported function "${name}" is not a valid HTTP method (use ${validMethods.join(", ")})`,
           );
         }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@velox0/cerver",
-  "version": "0.6.4",
+  "version": "0.6.5",
   "description": "Compile restricted JavaScript server logic into optimized native C binaries (cross-platform: Linux, macOS, Windows)",
   "main": "bin/cerver.js",
   "bin": {

package/runtime/cerver.h

@@ -303,8 +303,6 @@ char* cerver_str_replace(const char* s, const char* needle, const char* replacem
 int cerver_str_endswith(const char* s, const char* suffix);
 int cerver_str_indexof(const char* s, const char* needle);
 
-
-
 /* ------------------------------------------------------------------ */
 /*  MIME (internal)                                                   */
 /* ------------------------------------------------------------------ */

package/runtime/fetch.c

@@ -120,10 +120,19 @@ char* cerver_fetch(const char* url, const char* method, const char* body, const
   curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, fetch_write_cb);
   curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void*)&buf);
   curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+  curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 5L); /* cap redirect chain */
   curl_easy_setopt(curl, CURLOPT_TIMEOUT, 30L);
   curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 10L);
   curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); /* thread-safe */
   curl_easy_setopt(curl, CURLOPT_USERAGENT, "cerver/1.0");
+  /* Restrict to HTTP and HTTPS only — blocks file://, gopher://, dict://, etc. */
+#if CURL_AT_LEAST_VERSION(7, 85, 0)
+  curl_easy_setopt(curl, CURLOPT_PROTOCOLS_STR, "http,https");
+  curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS_STR, "http,https");
+#else
+  curl_easy_setopt(curl, CURLOPT_PROTOCOLS, (long)(CURLPROTO_HTTP | CURLPROTO_HTTPS));
+  curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS, (long)(CURLPROTO_HTTP | CURLPROTO_HTTPS));
+#endif  // CURL_AT_LEAST_VERSION(7, 85, 0)
 
   /* Set HTTP method */
   if (method) {

package/runtime/http_parser.c

@@ -180,9 +180,13 @@ int cerver_parse_request(const char* raw, size_t len, cerver_request_t* req) {
         req->headers[req->header_count].value = val;
         req->header_count++;
 
-        /* Track content-length */
+        /* Track content-length — use strtoul so negative values are rejected */
         if (strcasecmp(hdr_start, "Content-Length") == 0) {
-          content_length = (size_t)atol(val);
+          char*         endp = NULL;
+          unsigned long cl   = strtoul(val, &endp, 10);
+          if (endp != val && *endp == '\0' && cl > 0 && cl <= (unsigned long)CERVER_READ_BUF_MAX) {
+            content_length = (size_t)cl;
+          }
         }
       }
     }
@@ -191,7 +195,8 @@ int cerver_parse_request(const char* raw, size_t len, cerver_request_t* req) {
   }
 
   /* ---- Body (for POST etc.) ---- */
-  if (content_length > 0 && hdr_start < buf + len) {
+  if (content_length > 0 && hdr_start < buf + len && strcmp(req->method, "GET") != 0 &&
+      strcmp(req->method, "HEAD") != 0) {
     req->body     = hdr_start;
     req->body_len = content_length;
     /* Ensure we don't read past the buffer */

package/runtime/http_writer.c

@@ -142,28 +142,34 @@ static const char* status_text(int code) {
 int cerver_write_response(int fd, const cerver_response_t* res, int keepalive) {
   cerver_sock_t sfd = (cerver_sock_t)fd;
 
-  char header[4096];
-  int  hlen = 0;
-
-  hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "HTTP/1.1 %d %s\r\n", res->status,
-                   status_text(res->status));
-  if (res->content_type)
-    hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "Content-Type: %s\r\n",
-                     res->content_type);
-  hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "Content-Length: %zu\r\n",
-                   res->body_len);
+  char   header[4096];
+  size_t hlen = 0;
+
+#define HDR_APPEND(...)                                                     \
+  do {                                                                      \
+    if (hlen < sizeof(header)) {                                            \
+      int _n = snprintf(header + hlen, sizeof(header) - hlen, __VA_ARGS__); \
+      if (_n > 0) hlen += (size_t)_n;                                       \
+      if (hlen > sizeof(header)) hlen = sizeof(header);                     \
+    }                                                                       \
+  } while (0)
+
+  HDR_APPEND("HTTP/1.1 %d %s\r\n", res->status, status_text(res->status));
+  if (res->content_type) HDR_APPEND("Content-Type: %s\r\n", res->content_type);
+  HDR_APPEND("Content-Length: %zu\r\n", res->body_len);
   for (int i = 0; i < res->header_count; i++)
-    hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "%s: %s\r\n",
-                     res->headers[i].key, res->headers[i].value);
+    HDR_APPEND("%s: %s\r\n", res->headers[i].key, res->headers[i].value);
   if (keepalive && !res->_force_close)
-    hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "Connection: keep-alive\r\n");
+    HDR_APPEND("Connection: keep-alive\r\n");
   else
-    hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "Connection: close\r\n");
-  hlen += snprintf(header + hlen, sizeof(header) - (size_t)hlen, "Server: cerver\r\n\r\n");
+    HDR_APPEND("Connection: close\r\n");
+  HDR_APPEND("Server: cerver\r\n\r\n");
+
+#undef HDR_APPEND
 
   if (res->_body_owned == 3) {
     /* File-descriptor sendfile path */
-    if (send_all(sfd, header, (size_t)hlen) < 0) return -1;
+    if (send_all(sfd, header, hlen) < 0) return -1;
     size_t total = res->body_len, sent = 0;
     while (sent < total) {
       ssize_t n = do_sendfile(sfd, res->_file_fd, (off_t)sent, total - sent);
@@ -177,17 +183,17 @@ int cerver_write_response(int fd, const cerver_response_t* res, int keepalive) {
       sent += (size_t)n;
     }
   } else if (res->body && res->body_len > 0) {
-    if ((size_t)hlen + res->body_len <= sizeof(header)) {
+    if (hlen + res->body_len <= sizeof(header)) {
       /* Small response: one syscall */
       memcpy(header + hlen, res->body, res->body_len);
-      if (send_all(sfd, header, (size_t)hlen + res->body_len) < 0) return -1;
+      if (send_all(sfd, header, hlen + res->body_len) < 0) return -1;
     } else {
       /* Large response: header then body */
-      if (send_all(sfd, header, (size_t)hlen) < 0) return -1;
+      if (send_all(sfd, header, hlen) < 0) return -1;
       if (send_all(sfd, res->body, res->body_len) < 0) return -1;
     }
   } else {
-    if (send_all(sfd, header, (size_t)hlen) < 0) return -1;
+    if (send_all(sfd, header, hlen) < 0) return -1;
   }
 
   return 0;

package/runtime/server.c

@@ -33,6 +33,7 @@
 #include <netinet/in.h>
 #include <netinet/tcp.h>
 #include <arpa/inet.h>
+#include <strings.h>
 #endif  // !CERVER_PLATFORM_WINDOWS
 
 #if defined(__APPLE__) || defined(__FreeBSD__)
@@ -214,6 +215,7 @@ static char* read_full_request(cerver_sock_t fd, size_t* out_len) {
      per-connection in handle_connection).  Just read normally. */
 #endif  // CERVER_PLATFORM_WINDOWS
 
+  /* Phase 1: read until we have the full header section (\r\n\r\n). */
   while (len < (size_t)CERVER_READ_BUF_MAX) {
     ssize_t n = (ssize_t)cerver_sock_read(fd, buf + len, cap - len);
     if (n <= 0) break;
@@ -236,6 +238,75 @@ static char* read_full_request(cerver_sock_t fd, size_t* out_len) {
     free(buf);
     return NULL;
   }
+
+  /*
+   * Phase 2: if a Content-Length header is present, read the body.
+   *
+   * Scan the headers we just received for "Content-Length:" and compute
+   * how many body bytes we still need to pull from the socket.  We do a
+   * minimal in-buffer scan here (before the real parser runs) so that the
+   * body always arrives in the same allocation that the parser will
+   * reference — preventing request smuggling over keep-alive connections.
+   */
+  buf[len]                = '\0';
+  const char* hdr_end_ptr = (const char*)memmem(buf, len, "\r\n\r\n", 4);
+  if (hdr_end_ptr) {
+    size_t hdr_block_len  = (size_t)(hdr_end_ptr - buf) + 4;
+    size_t content_length = 0;
+
+    /* Case-insensitive scan for Content-Length within the header block. */
+    const char* p = buf;
+    while (p < buf + hdr_block_len) {
+      const char* eol = (const char*)memmem(p, (size_t)(buf + hdr_block_len - p), "\r\n", 2);
+      if (!eol) break;
+      size_t line_len = (size_t)(eol - p);
+      if (line_len > 15 && (p[0] == 'C' || p[0] == 'c') &&
+          strncasecmp(p, "Content-Length:", 15) == 0) {
+        const char* val  = p + 15;
+        char*       endp = NULL;
+        while (*val == ' ' || *val == '\t') val++;
+        unsigned long cl = strtoul(val, &endp, 10);
+        if (endp != val && cl > 0 && cl <= (unsigned long)CERVER_READ_BUF_MAX) {
+          content_length = (size_t)cl;
+        }
+        break;
+      }
+      p = eol + 2;
+    }
+
+    if (content_length > 0) {
+      size_t body_received = (len > hdr_block_len) ? (len - hdr_block_len) : 0;
+      size_t body_needed  = (content_length > body_received) ? (content_length - body_received) : 0;
+      size_t total_needed = len + body_needed;
+
+      if (total_needed > (size_t)CERVER_READ_BUF_MAX) {
+        /* Body would exceed hard limit — clamp to what we'll accept. */
+        total_needed = (size_t)CERVER_READ_BUF_MAX;
+        body_needed  = (total_needed > len) ? (total_needed - len) : 0;
+      }
+
+      if (body_needed > 0) {
+        if (total_needed > cap) {
+          char* tmp = realloc(buf, total_needed + 1);
+          if (!tmp) {
+            free(buf);
+            return NULL;
+          }
+          buf = tmp;
+          cap = total_needed;
+        }
+
+        /* Read exactly the remaining body bytes. */
+        while (body_needed > 0) {
+          ssize_t n = (ssize_t)cerver_sock_read(fd, buf + len, body_needed);
+          if (n <= 0) break;
+          len += (size_t)n;
+          body_needed -= (size_t)n;
+        }
+      }
+    }
+  }
+
   buf[len] = '\0';
   *out_len = len;
   return buf;
@@ -261,10 +332,10 @@ static void handle_connection(cerver_server_t* srv, cerver_sock_t client_fd) {
                sizeof(nodelay));
   }
 
-  int request_count = 0;
-  int keepalive     = 1;
+  unsigned int request_count = 0;
+  int          keepalive     = 1;
 
-  while (keepalive && srv->running && request_count < CERVER_KEEPALIVE_MAX) {
+  while (keepalive && srv->running && request_count < (unsigned int)CERVER_KEEPALIVE_MAX) {
     int timeout_sec = (request_count == 0) ? 5 : CERVER_KEEPALIVE_TIMEOUT;
 
 #if CERVER_PLATFORM_WINDOWS

package/runtime/static.c

@@ -43,7 +43,7 @@ static uint32_t fnv1a(const char* str) {
 /* ------------------------------------------------------------------ */
 
 static int path_is_safe(const char* path) {
-  /* Reject paths with ".." */
+  /* Reject paths with ".." (literal traversal) */
   if (strstr(path, "..")) return 0;
 
   /* Reject paths with null bytes */
@@ -52,6 +52,34 @@ static int path_is_safe(const char* path) {
   /* Must start with "/" */
   if (path[0] != '/') return 0;
 
+  /* Reject encoded traversal sequences that survive url_decode:
+   * url_decode runs before us, but double-encoding (%252e) and
+   * mixed-case variants may slip through on some paths.  Reject any
+   * remaining %XX sequences that decode to '.' or '/'. */
+  const char* p = path;
+  while (*p) {
+    if (*p == '%' && p[1] && p[2]) {
+      int hi = (p[1] >= '0' && p[1] <= '9')   ? p[1] - '0'
+               : (p[1] >= 'a' && p[1] <= 'f') ? p[1] - 'a' + 10
+               : (p[1] >= 'A' && p[1] <= 'F') ? p[1] - 'A' + 10
+                                              : -1;
+      int lo = (p[2] >= '0' && p[2] <= '9')   ? p[2] - '0'
+               : (p[2] >= 'a' && p[2] <= 'f') ? p[2] - 'a' + 10
+               : (p[2] >= 'A' && p[2] <= 'F') ? p[2] - 'A' + 10
+                                              : -1;
+      if (hi >= 0 && lo >= 0) {
+        int decoded = (hi << 4) | lo;
+        /* Reject if it would decode to '.' (0x2e), '/' (0x2f), or '\' (0x5c) */
+        if (decoded == 0x2e || decoded == 0x2f || decoded == 0x5c) return 0;
+      }
+    }
+#if CERVER_PLATFORM_WINDOWS
+    /* Reject backslashes directly in the path */
+    if (*p == '\\') return 0;
+#endif  // CERVER_PLATFORM_WINDOWS
+    p++;
+  }
+
   return 1;
 }
 
@@ -64,13 +92,36 @@ typedef struct {
   int accepts_br;
 } encoding_prefs_t;
 
+/*
+ * Check whether `token` appears as a standalone comma-separated token in
+ * the Accept-Encoding header value.  Using strstr() would produce false
+ * positives (e.g. "br" matching inside "cobr" or "brotli").
+ */
+static int ae_has_token(const char* ae, const char* token) {
+  size_t      tlen = strlen(token);
+  const char* p    = ae;
+  while (*p) {
+    /* Skip whitespace and commas */
+    while (*p == ' ' || *p == '\t' || *p == ',') p++;
+    if (!*p) break;
+    /* Find end of this token (stop at comma, semicolon, space, or NUL) */
+    const char* start = p;
+    while (*p && *p != ',' && *p != ';' && *p != ' ' && *p != '\t') p++;
+    size_t len = (size_t)(p - start);
+    if (len == tlen && memcmp(start, token, tlen) == 0) return 1;
+    /* Skip quality value if present (;q=0.9) */
+    while (*p && *p != ',') p++;
+  }
+  return 0;
+}
+
 static encoding_prefs_t parse_accept_encoding(const cerver_request_t* req) {
   encoding_prefs_t prefs = {0, 0};
   const char*      ae    = cerver_req_header(req, "Accept-Encoding");
   if (!ae) return prefs;
 
-  if (strstr(ae, "br")) prefs.accepts_br = 1;
-  if (strstr(ae, "gzip")) prefs.accepts_gzip = 1;
+  if (ae_has_token(ae, "br")) prefs.accepts_br = 1;
+  if (ae_has_token(ae, "gzip")) prefs.accepts_gzip = 1;
 
   return prefs;
 }
@@ -222,28 +273,41 @@ static int serve_filesystem(cerver_server_t* srv, cerver_request_t* req, cerver_
   const char* path = req->path;
   if (!path_is_safe(path)) return -1;
 
-  /* Build the full filesystem path */
+  /* Build the full filesystem path — reject if it would overflow. */
+  size_t dir_len  = strlen(srv->public_dir);
+  size_t path_len = strlen(path);
+  if (dir_len + path_len + 1 > sizeof(((struct { char b[CERVER_MAX_PATH * 2]; }){}).b)) return -1;
+
   char full_path[CERVER_MAX_PATH * 2];
+  /* Bounds already verified above; silence -Wformat-truncation. */
+#if defined(__GNUC__) && !defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wformat-truncation"
+#endif  // __GNUC__ && !__clang__
   snprintf(full_path, sizeof(full_path), "%s%s", srv->public_dir, path);
+#if defined(__GNUC__) && !defined(__clang__)
+#pragma GCC diagnostic pop
+#endif  // __GNUC__ && !__clang__
 
 #if CERVER_PLATFORM_WINDOWS
   /* Normalize forward slashes to backslashes for native Windows APIs */
   for (char* p = full_path; *p; p++) {
     if (*p == '/') *p = '\\';
   }
-#endif
+#endif  // CERVER_PLATFORM_WINDOWS
 
   /* Check if it's a directory — try fallback path */
   struct stat st;
   if (stat(full_path, &st) == 0 && S_ISDIR(st.st_mode)) {
     char fallback_path[CERVER_MAX_PATH];
     get_fallback_path(path, fallback_path, sizeof(fallback_path));
+    if (dir_len + strlen(fallback_path) + 1 > sizeof(full_path)) return -1;
     snprintf(full_path, sizeof(full_path), "%s%s", srv->public_dir, fallback_path);
 #if CERVER_PLATFORM_WINDOWS
     for (char* p = full_path; *p; p++) {
       if (*p == '/') *p = '\\';
     }
-#endif
+#endif  // CERVER_PLATFORM_WINDOWS
     if (stat(full_path, &st) != 0) return -1;
   }
 

package/runtime/str_ops.c

@@ -23,10 +23,10 @@
  * Return a malloc'd copy of `s` with all ASCII characters lowercased.
  * Returns NULL on allocation failure.
  */
-char *cerver_str_tolower(const char *s) {
+char* cerver_str_tolower(const char* s) {
   if (!s) return NULL;
   size_t len = strlen(s);
-  char  *out = (char *)malloc(len + 1);
+  char*  out = (char*)malloc(len + 1);
   if (!out) return NULL;
   for (size_t i = 0; i <= len; i++) {
     out[i] = (char)tolower((unsigned char)s[i]);
@@ -38,10 +38,10 @@ char *cerver_str_tolower(const char *s) {
  * Return a malloc'd copy of `s` with all ASCII characters uppercased.
  * Returns NULL on allocation failure.
  */
-char *cerver_str_toupper(const char *s) {
+char* cerver_str_toupper(const char* s) {
   if (!s) return NULL;
   size_t len = strlen(s);
-  char  *out = (char *)malloc(len + 1);
+  char*  out = (char*)malloc(len + 1);
   if (!out) return NULL;
   for (size_t i = 0; i <= len; i++) {
     out[i] = (char)toupper((unsigned char)s[i]);
@@ -57,18 +57,18 @@ char *cerver_str_toupper(const char *s) {
  * Return a malloc'd copy of `s` with leading and trailing ASCII
  * whitespace removed. Returns NULL on allocation failure.
  */
-char *cerver_str_trim(const char *s) {
+char* cerver_str_trim(const char* s) {
   if (!s) return NULL;
 
   /* Skip leading whitespace */
   while (*s && isspace((unsigned char)*s)) s++;
 
-  const char *end = s + strlen(s);
+  const char* end = s + strlen(s);
   /* Skip trailing whitespace */
   while (end > s && isspace((unsigned char)*(end - 1))) end--;
 
   size_t len = (size_t)(end - s);
-  char  *out = (char *)malloc(len + 1);
+  char*  out = (char*)malloc(len + 1);
   if (!out) return NULL;
   memcpy(out, s, len);
   out[len] = '\0';
@@ -88,23 +88,27 @@ char *cerver_str_trim(const char *s) {
  *
  * Returns NULL on allocation failure.
  */
-char *cerver_str_slice(const char *s, int start, int end) {
+char* cerver_str_slice(const char* s, int start, int end) {
   if (!s) return NULL;
   int len = (int)strlen(s);
 
   /* Resolve negative indices */
   if (start < 0) start = len + start;
-  if (end < 0)   end   = (end == -1) ? len : len + end;
+  if (end < 0) end = (end == -1) ? len : len + end;
 
   /* Clamp */
-  if (start < 0)   start = 0;
+  if (start < 0) start = 0;
   if (start > len) start = len;
-  if (end   < 0)   end   = 0;
-  if (end   > len) end   = len;
-  if (start > end) { int t = start; start = end; end = t; }
+  if (end < 0) end = 0;
+  if (end > len) end = len;
+  if (start > end) {
+    int t = start;
+    start = end;
+    end   = t;
+  }
 
-  int    out_len = end - start;
-  char  *out     = (char *)malloc((size_t)out_len + 1);
+  int   out_len = end - start;
+  char* out     = (char*)malloc((size_t)out_len + 1);
   if (!out) return NULL;
   memcpy(out, s + start, (size_t)out_len);
   out[out_len] = '\0';
@@ -120,23 +124,22 @@ char *cerver_str_slice(const char *s, int start, int end) {
  * replaced by `replacement`. If `needle` is not found, returns a copy
  * of `s`. Returns NULL on allocation failure.
  */
-char *cerver_str_replace(const char *s, const char *needle,
-                         const char *replacement) {
+char* cerver_str_replace(const char* s, const char* needle, const char* replacement) {
   if (!s) return NULL;
   if (!needle || *needle == '\0') {
     /* Empty needle — return a copy */
     size_t len = strlen(s);
-    char  *out = (char *)malloc(len + 1);
+    char*  out = (char*)malloc(len + 1);
     if (!out) return NULL;
     memcpy(out, s, len + 1);
     return out;
   }
 
-  const char *pos = strstr(s, needle);
+  const char* pos = strstr(s, needle);
   if (!pos) {
     /* Needle not found — return a copy of s */
     size_t len = strlen(s);
-    char  *out = (char *)malloc(len + 1);
+    char*  out = (char*)malloc(len + 1);
     if (!out) return NULL;
     memcpy(out, s, len + 1);
     return out;
@@ -148,10 +151,10 @@ char *cerver_str_replace(const char *s, const char *needle,
   size_t after_len       = strlen(pos + needle_len);
   size_t total           = before_len + replacement_len + after_len + 1;
 
-  char *out = (char *)malloc(total);
+  char* out = (char*)malloc(total);
   if (!out) return NULL;
 
-  char *p = out;
+  char* p = out;
   memcpy(p, s, before_len);
   p += before_len;
   if (replacement_len) {
@@ -170,7 +173,7 @@ char *cerver_str_replace(const char *s, const char *needle,
  * Return 1 if `s` ends with `suffix`, 0 otherwise.
  * Mirrors JS String.prototype.endsWith().
  */
-int cerver_str_endswith(const char *s, const char *suffix) {
+int cerver_str_endswith(const char* s, const char* suffix) {
   if (!s || !suffix) return 0;
   size_t slen      = strlen(s);
   size_t suffixlen = strlen(suffix);
@@ -182,9 +185,9 @@ int cerver_str_endswith(const char *s, const char *suffix) {
  * Return the byte index of the first occurrence of `needle` in `s`,
  * or -1 if not found. Mirrors JS String.prototype.indexOf().
  */
-int cerver_str_indexof(const char *s, const char *needle) {
+int cerver_str_indexof(const char* s, const char* needle) {
   if (!s || !needle) return -1;
-  const char *pos = strstr(s, needle);
+  const char* pos = strstr(s, needle);
   if (!pos) return -1;
   return (int)(pos - s);
 }

package/runtime/tests/runtime_tests.c

@@ -60,7 +60,7 @@ static void cerver_test_tmpdir_template(char* buf, size_t len) {
   snprintf(buf, len, "%s\\cerver-test-XXXXXX", tmp);
 #else
   snprintf(buf, len, "/tmp/cerver-test-XXXXXX");
-#endif
+#endif  // CERVER_PLATFORM_WINDOWS
 }
 
 static const char* res_header(const cerver_response_t* res, const char* key) {

package/runtime/win_compat.h

@@ -97,6 +97,9 @@ static inline void* cerver_memmem_win(const void* hay, size_t hlen, const void*
 #ifndef strcasecmp
 #define strcasecmp _stricmp
 #endif  // strcasecmp
+#ifndef strncasecmp
+#define strncasecmp _strnicmp
+#endif  // strncasecmp
 
 /* clock_gettime / CLOCK_REALTIME are missing from some Windows CRTs. */
 #ifndef CLOCK_REALTIME
@@ -236,12 +239,12 @@ static inline int cerver_fetch_global_init_guard_run(cerver_fetch_global_init_gu
 typedef CRITICAL_SECTION cerver_mutex_t;
 
 typedef struct {
-  HANDLE event;   /* auto-reset event for signal   */
-  HANDLE bcast;   /* manual-reset event for broadcast */
+  HANDLE event; /* auto-reset event for signal   */
+  HANDLE bcast; /* manual-reset event for broadcast */
 } cerver_cond_t;
 
 typedef struct {
-  volatile LONG done;
+  volatile LONG    done;
   CRITICAL_SECTION lock;
 } cerver_fetch_global_init_guard_t;
 
@@ -249,8 +252,8 @@ typedef struct {
    we zero-init and rely on cerver_mutex_init() being called.  For the
    two static structs in server.c that use CERVER_MUTEX_INITIALIZER we
    call cerver_mutex_init() at startup via cerver_init(). */
-#define CERVER_MUTEX_INITIALIZER  {0}
-#define CERVER_COND_INITIALIZER   {0}
+#define CERVER_MUTEX_INITIALIZER                   {0}
+#define CERVER_COND_INITIALIZER                    {0}
 #define CERVER_FETCH_GLOBAL_INIT_GUARD_INITIALIZER {0, {0}}
 
 static inline int cerver_mutex_init(cerver_mutex_t* m, void* attr) {
@@ -274,7 +277,7 @@ static inline int cerver_mutex_unlock(cerver_mutex_t* m) {
 static inline int cerver_cond_init(cerver_cond_t* c, void* attr) {
   (void)attr;
   c->event = CreateEvent(NULL, FALSE, FALSE, NULL); /* auto-reset */
-  c->bcast = CreateEvent(NULL, TRUE,  FALSE, NULL); /* manual-reset */
+  c->bcast = CreateEvent(NULL, TRUE, FALSE, NULL);  /* manual-reset */
   return (c->event && c->bcast) ? 0 : -1;
 }
 static inline int cerver_cond_destroy(cerver_cond_t* c) {
@@ -302,7 +305,7 @@ static inline int cerver_cond_timedwait(cerver_cond_t* c, cerver_mutex_t* m,
   if (ms < 0) ms = 0;
   LeaveCriticalSection(m);
   HANDLE h[2] = {c->event, c->bcast};
-  DWORD r = WaitForMultipleObjects(2, h, FALSE, (DWORD)ms);
+  DWORD  r    = WaitForMultipleObjects(2, h, FALSE, (DWORD)ms);
   EnterCriticalSection(m);
   return (r == WAIT_TIMEOUT) ? 110 : 0; /* 110 = ETIMEDOUT */
 }
@@ -323,13 +326,13 @@ static inline int cerver_fetch_global_init_guard_run(cerver_fetch_global_init_gu
   return 0;
 }
 
-#endif /* __MINGW64_VERSION_MAJOR || _MSC_VER */
+#endif  // __MINGW64_VERSION_MAJOR || _MSC_VER
 
 /* ---- thread helpers (shared across all Windows toolchains) -------- */
-typedef HANDLE             cerver_connection_worker_thread_t;
-typedef HANDLE             cerver_acceptor_thread_t;
-typedef size_t             cerver_connection_worker_thread_attr_t;
-typedef size_t             cerver_acceptor_thread_attr_t;
+typedef HANDLE cerver_connection_worker_thread_t;
+typedef HANDLE cerver_acceptor_thread_t;
+typedef size_t cerver_connection_worker_thread_attr_t;
+typedef size_t cerver_acceptor_thread_attr_t;
 
 static inline int cerver_connection_worker_thread_attr_init(
     cerver_connection_worker_thread_attr_t* attr) {