Mp4: introduced custom version of ngx_atofp().

This allows to correctly parse "start" and "end" arguments without null-termination (ticket #475), and also fixes rounding errors observed with strtod() when using i387 instructions.
2025-02-25 18:55:26 -06:00 · 2016-10-27 17:57:16 +03:00 · 2016-10-27 17:57:16 +03:00 · 271d306056
commit 271d306056
parent 9ea918a41d
1 changed files with 60 additions and 14 deletions
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@ -216,6 +216,7 @@ typedef struct {


 static ngx_int_t ngx_http_mp4_handler(ngx_http_request_t *r);
+static ngx_int_t ngx_http_mp4_atofp(u_char *line, size_t n, size_t point);

 static ngx_int_t ngx_http_mp4_process(ngx_http_mp4_file_t *mp4);
 static ngx_int_t ngx_http_mp4_read_atom(ngx_http_mp4_file_t *mp4,
@ -537,26 +538,15 @@ ngx_http_mp4_handler(ngx_http_request_t *r)

            /*
             * A Flash player may send start value with a lot of digits
-             * after dot so strtod() is used instead of atofp().  NaNs and
-             * infinities become negative numbers after (int) conversion.
+             * after dot so a custom function is used instead of ngx_atofp().
             */

-            ngx_set_errno(0);
-            start = (int) (strtod((char *) value.data, NULL) * 1000);
-
-            if (ngx_errno != 0) {
-                start = -1;
-            }
+            start = ngx_http_mp4_atofp(value.data, value.len, 3);
        }

        if (ngx_http_arg(r, (u_char *) "end", 3, &value) == NGX_OK) {

-            ngx_set_errno(0);
-            end = (int) (strtod((char *) value.data, NULL) * 1000);
-
-            if (ngx_errno != 0) {
-                end = -1;
-            }
+            end = ngx_http_mp4_atofp(value.data, value.len, 3);

            if (end > 0) {
                if (start < 0) {
@ -686,6 +676,62 @@ ngx_http_mp4_handler(ngx_http_request_t *r)
 }


+static ngx_int_t
+ngx_http_mp4_atofp(u_char *line, size_t n, size_t point)
+{
+    ngx_int_t   value, cutoff, cutlim;
+    ngx_uint_t  dot;
+
+    /* same as ngx_atofp(), but allows additional digits */
+
+    if (n == 0) {
+        return NGX_ERROR;
+    }
+
+    cutoff = NGX_MAX_INT_T_VALUE / 10;
+    cutlim = NGX_MAX_INT_T_VALUE % 10;
+
+    dot = 0;
+
+    for (value = 0; n--; line++) {
+
+        if (*line == '.') {
+            if (dot) {
+                return NGX_ERROR;
+            }
+
+            dot = 1;
+            continue;
+        }
+
+        if (*line < '0' || *line > '9') {
+            return NGX_ERROR;
+        }
+
+        if (point == 0) {
+            continue;
+        }
+
+        if (value >= cutoff && (value > cutoff || *line - '0' > cutlim)) {
+            return NGX_ERROR;
+        }
+
+        value = value * 10 + (*line - '0');
+        point -= dot;
+    }
+
+    while (point--) {
+        if (value > cutoff) {
+            return NGX_ERROR;
+        }
+
+        value = value * 10;
+    }
+
+    return value;
+}
+
+
 static ngx_int_t
 ngx_http_mp4_process(ngx_http_mp4_file_t *mp4)
 {