Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent infinite HTTPrequest-loops by returning bytes #1

Open
mrpapercut opened this issue Jun 13, 2017 · 1 comment
Open

Prevent infinite HTTPrequest-loops by returning bytes #1

mrpapercut opened this issue Jun 13, 2017 · 1 comment
Assignees
@mrpapercut
Labels
bug help wanted

Comments

@mrpapercut
Copy link
Owner

When an HTTPrequest is made, the emulator doesn't actually execute the request (because that would be rather dangerous). However, many scripts I've encountered, rely on the size of the returned buffer to check if the script is finished downloading so it can continue the script. Take the following code (from example):

while (true)  {
    try {
        httpStream.open("GET", 'http://' + urls[i] + 1);
        httpStream.send();

        if (httpStream.status == 200)  {
            ADODBStream.open();
            ADODBStream.type = 1;
            ADODBStream.write(httpStream.responseBody);

            if (ADODBStream.size > 176277)  {
                finished = true;
                ADODBStream.position = 0;
                ADODBStream.saveToFile(destination, 2);

                try  {
                    runShellCommand(destination);
                    break;
                } catch (ra)  {

                };
            };

            ADODBStream.close();
        };

        if (finished) break;
    } catch (e)  {

    };

    i++;
};

The line "if (ADODBStream.size > 176277) {" is the focus here. Right now the size of an ADODBStream is always Infinity, so in this case it will validate to true because Infinity is bigger than 176277.
However, if the script is looking for an exact match like "if (ADODBStream.size == 176277) }", it will never validate to true and get stuck in the infinite while(true) loop.

Proposed solution:
For every iteration of "ADODBStream.write(httpStream.responseBody);", add 1 byte to the contents of the ADODBStream and update the size accordingly. This way we don't have to download the actual contents, but both "size > int" and "size == int" would validate to true.
@mrpapercut mrpapercut self-assigned this Jun 13, 2017
@mrpapercut
Copy link
Owner Author

mrpapercut commented Jun 26, 2017
edited
Loading

Proposed solution does not work. However, we could see if we can emulate it by updating the stream's size every time we read its value, like is done with the readyState on .send() in MSXML2.XMLHTTP.

This bug also causes another problem: when the script should call multiple urls, only the first url is ever returned. This means the analysis is incomplete and makes it a bug

@mrpapercut mrpapercut mentioned this issue Jun 28, 2017
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mrpapercut mrpapercut

Labels
bug help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mrpapercut