diff options
| author | RblSb <msrblsb@gmail.com> | 2021-08-29 22:08:50 +0300 |
|---|---|---|
| committer | RblSb <msrblsb@gmail.com> | 2021-08-29 22:08:50 +0300 |
| commit | 6cb22fb04d83e0bc1046dd980736d97768928725 (patch) | |
| tree | f9c4ca2ebb4d84e9c39e26945dcdd287d153e20a | |
| parent | e2c76dece4ba9daf1dcce338026339c17c9bd6cd (diff) | |
Fix int32 overflow
closes #29
| -rw-r--r-- | build/server.js | 19 | ||||
| -rw-r--r-- | src/server/HttpServer.hx | 12 | ||||
| -rw-r--r-- | src/server/Utils.hx | 4 |
3 files changed, 24 insertions, 11 deletions
diff --git a/build/server.js b/build/server.js index 5f39892..28f6ff2 100644 --- a/build/server.js +++ b/build/server.js @@ -3646,15 +3646,17 @@ server_HttpServer.serveMedia = function(req,res,filePath) { range = "bytes=0-"; } var ranges = new EReg("[-=]","g").split(range); - var start = Std.parseInt(ranges[1]); - if(start == null) { + var start = parseFloat(ranges[1]); + if(server_Utils.isOutOfRange(start,0,videoSize - 1)) { start = 0; } - var end = Std.parseInt(ranges[2]); - if(end == null) { + var end = parseFloat(ranges[2]); + if(isNaN(end)) { end = start + 5242880; } - end = Math.min(end,videoSize - 1) | 0; + if(server_Utils.isOutOfRange(end,start,videoSize - 1)) { + end = videoSize - 1; + } res.setHeader("Content-Range","bytes " + start + "-" + end + "/" + videoSize); res.setHeader("Content-Length","" + (end - start + 1)); res.statusCode = 206; @@ -4802,6 +4804,13 @@ server_Utils.getLocalIp = function() { } return "127.0.0.1"; }; +server_Utils.isOutOfRange = function(value,min,max) { + if(!(value == null || isNaN(value) || value < min)) { + return value > max; + } else { + return true; + } +}; server_Utils.sortedPush = function(ids,id) { var _g_current = 0; while(_g_current < ids.length) if(id < ids[_g_current++]) { diff --git a/src/server/HttpServer.hx b/src/server/HttpServer.hx index 0edf4e3..c4853ee 100644 --- a/src/server/HttpServer.hx +++ b/src/server/HttpServer.hx @@ -123,12 +123,12 @@ class HttpServer { var range:String = req.headers["range"]; if (range == null) range = "bytes=0-"; final ranges = ~/[-=]/g.split(range); - var start = Std.parseInt(ranges[1]); - if (start == null) start = 0; + var start = Std.parseFloat(ranges[1]); + if (Utils.isOutOfRange(start, 0, videoSize - 1)) start = 0; final CHUNK_SIZE = 1024 * 1024 * 5; // 5 MB - var end = Std.parseInt(ranges[2]); - if (end == null) end = start + CHUNK_SIZE; - end = Std.int(Math.min(end, videoSize - 1)); + var end = Std.parseFloat(ranges[2]); + if (Math.isNaN(end)) end = start + CHUNK_SIZE; + if (Utils.isOutOfRange(end, start, videoSize - 1)) end = videoSize - 1; final contentLength = end - start + 1; res.setHeader("Content-Range", 'bytes ${start}-${end}/${videoSize}'); @@ -136,7 +136,7 @@ class HttpServer { // HTTP Status 206 for Partial Content res.statusCode = 206; // create video read stream for this particular chunk - final videoStream = Fs.createReadStream(filePath, {start: start, end: end}); + final videoStream = Fs.createReadStream(filePath, {start: cast start, end: cast end}); // stream the video chunk to the client videoStream.pipe(res); return true; diff --git a/src/server/Utils.hx b/src/server/Utils.hx index 9aa0d66..a2f4382 100644 --- a/src/server/Utils.hx +++ b/src/server/Utils.hx @@ -69,6 +69,10 @@ class Utils { return "127.0.0.1"; } + public static function isOutOfRange(value:Float, min:Float, max:Float):Bool { + return value == null || Math.isNaN(value) || value < min || value > max; + } + public static function sortedPush(ids:Array<Int>, id:Int):Void { for (i => n in ids) { if (id < n) { |