Thomas Reinke <[EMAIL PROTECTED]> writes:

> and testing a web server where the header and body of the
> response are separated by a 2 second delay, we noted that
> recv() will never get the body of the message.

This behaves as expected, although this is a real problem.
I talked about that two months ago:
http://archives.neohapsis.com/archives/apps/nessus/2002-q3/0125.html

A http_recv function could parse Content-Length and read all the data;
such a function would be useful if we used Keep Alive.
Note that such a function can be written in NASL.

Anyway, if you change
    r = recv(socket:soc, length:8192);
into
    r = recv(socket:soc, length:8192, min:8192);
that would solve your problem.

Or:
    r1 = http_recv_headers(soc);
    r2 = recv(socket:soc, length:8192);
    r = r1 + r2;

> I'd recommend that as a patch the 1 second delay be at least set
> to 3-5 seconds

Maybe this 1 s timeout should be configurable?

> or so, or that a slightly more comprehensive
> solution use simple calls to time() to determine elapsed time
> and to set the remaining time, instead of to 1, the greater of
> 1 or the remaining time left...

No, that would make Nessus run slow in most situations.

Here is a quick & dirty function that might help (I just wrote it and
did not test it extensively!)

# This function does not return the headers!
# So 'length' parameter does not include headers length, even if we have to
# read them

function http_recv_body(socket, headers, length)
{
  if (!headers)
  {
    _h = http_recv_headers(socket);
  }
  else
  {
    _h = headers;
  }

  _cl = egrep(pattern:"^Content-length: *[0-9]+", string: _h, icase: 1);
  _l = ereg_replace(pattern: "Content-length: *([0-9]+).*", replace:"\1",
                string: _cl, icase: 1);
  _max = 0;
  _min = 0;  # no minimum unless a Content-length value is found below
  if (length) _max = length;
  if (_l) _min = _l;
  if (_l > _max) _max = _l;
  if (! _max)
  {
    display("http_recv_body: bogus or no Content-length field, and no 'length' parameter set!\n");
    _max = 8192;
  }
  #display("http_recv_body: min=", _min, "; max=", _max, "\n");
  if (_min)
  {
    _x = recv(socket: socket, length: _max, min: _min);
  }
  else
  {
    _x = recv(socket: socket, length: _max);
  }
  return(_x);
}
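
Added example, not part of the original message and not Nessus code: a Python model of the situation discussed in this thread, where a constructed local peer sends the headers, pauses, then sends the body. All names and timeout values are assumptions for illustration; it compares a read that gives up after a short silence with one that waits for Content-Length bytes.

```python
import re, socket, threading, time

def slow_server(conn, body, delay):
    # Constructed peer: headers first, then the body after a pause.
    conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Length: %d\r\n\r\n" % len(body))
    time.sleep(delay)
    conn.sendall(body)
    conn.close()

def recv_headers(sock):
    # Read one byte at a time so nothing past the blank line is consumed.
    data = b""
    while not data.endswith(b"\r\n\r\n"):
        chunk = sock.recv(1)
        if not chunk:
            break
        data += chunk
    return data

def recv_body(sock, headers, idle_timeout, total_timeout, honour_length):
    # Without a usable length: one read, abandoned after idle_timeout of silence.
    # With Content-Length: keep reading until that many bytes or total_timeout.
    m = re.search(rb"^Content-Length: *([0-9]+)", headers, re.I | re.M)
    want = int(m.group(1)) if (m and honour_length) else 0
    deadline = time.monotonic() + total_timeout
    body = b""
    try:
        if not want:
            sock.settimeout(idle_timeout)
            return sock.recv(8192)
        while len(body) < want:
            sock.settimeout(max(deadline - time.monotonic(), 0.001))
            chunk = sock.recv(want - len(body))
            if not chunk:
                break  # peer closed early: return the short body
            body += chunk
    except socket.timeout:
        pass
    return body

def fetch(honour_length, delay=0.5):
    # One exchange over a local socket pair; returns the body actually read.
    client, server = socket.socketpair()
    t = threading.Thread(target=slow_server, args=(server, b"A" * 20, delay))
    t.start()
    headers = recv_headers(client)
    body = recv_body(client, headers, 0.05, 2.0, honour_length)
    t.join()
    client.close()
    return body
```
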
