On Thu, Jun 27, 2013 at 11:20:56PM +0400, Dmitry Popov wrote:
Consider a case when we've just read chunk size (but nothing else): case sw_chunk_size: ctx->length = 2 /* LF LF */ + (ctx->size ? ctx->size + 4 /* LF "0" LF LF */ : 0); break; ctx->length will be equal to 6 + ctx->size, but actually we need 5 + ctx->size bytes: LF <data> LF 0 LF LF. It may lead to a deadlock (peer waits for a response from us while we wait for that last byte).
- IIRC, RFC states that CRLF should be used after chunk size, not LF, so it's
not so critical, but I think it should be fixed anyway.
Thanks, patch committed (with minor changes).