Refactor Lock-Token parsing into reusable helper and remove duplicated logic

metsw24-max · metsw24-max · commit a3c2a19e4f4d · 2026-03-28T01:45:14.000Z
diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
@@ -3587,9 +3587,6 @@ static int dav_method_unlock(request_rec *r)
     dav_resource *resource;
     const dav_hooks_locks *locks_hooks;
     int result;
-    apr_size_t len;
-    int has_open;
-    int has_close;
     const char *const_locktoken_txt;
     char *locktoken_txt;
     dav_locktoken *locktoken = NULL;
@@ -3609,25 +3606,9 @@ static int dav_method_unlock(request_rec *r)
         return HTTP_BAD_REQUEST;
     }
 
-    locktoken_txt = apr_pstrdup(r->pool, const_locktoken_txt);
-    len = strlen(locktoken_txt);
-
-    has_open = (len > 0 && locktoken_txt[0] == '<');
-    has_close = (len > 0 && locktoken_txt[len - 1] == '>');
-
-    if (has_open && has_close && len >= 2) {
-        locktoken_txt[len - 1] = '\0';
-        locktoken_txt++;
-
-        if (*locktoken_txt == '\0') {
-            /* ### should provide more specifics... */
-            return HTTP_BAD_REQUEST;
-        }
-    }
-    else {
-        /* ### should provide more specifics... */
-        return HTTP_BAD_REQUEST;
-    }
+    err = dav_parse_locktoken(r->pool, const_locktoken_txt, &locktoken_txt);
+    if (err != NULL)
+        return err->status;
 
     if ((err = (*locks_hooks->parse_locktoken)(r->pool, locktoken_txt,
                                                &locktoken)) != NULL) {
diff --git a/modules/dav/main/mod_dav.h b/modules/dav/main/mod_dav.h
@@ -1331,6 +1331,9 @@ struct dav_hooks_propdb
 
 DAV_DECLARE(time_t) dav_get_timeout(request_rec *r);
 DAV_DECLARE(time_t) dav_get_timeout_string(request_rec *r, const char *s);
+DAV_DECLARE(dav_error *) dav_parse_locktoken(apr_pool_t *p,
+                                             const char *input,
+                                             char **output);
 
 /*
 ** Opaque, provider-specific information for a lock database.
@@ -2756,5 +2759,4 @@ DAV_DECLARE(const dav_resource_type_provider *) dav_get_resource_type_providers(
 #endif
 
 #endif /* _MOD_DAV_H_ */
-/** @} */
-
+/** @} */
diff --git a/modules/dav/main/ms_wdv.c b/modules/dav/main/ms_wdv.c
@@ -205,27 +205,13 @@ static dav_error *mswdv_combined_lock(request_rec *r)
      * section 4.5 suggests using Lock-Token without brakets.
      */
     if (lock_token_hdr) {
-        apr_size_t len = strlen(lock_token_hdr);
-        int has_open = (len > 0 && lock_token_hdr[0] == '<');
-        int has_close = (len > 0 && lock_token_hdr[len - 1] == '>');
+        char *parsed_locktoken;
 
-        /*
-         * Defensive parsing: never read len - 1 or compute len - 2 unless
-         * length is known to be valid, and reject malformed one-sided
-         * bracket usage before token parsing.
-         */
-        if (has_open && has_close && len >= 2) {
-            lock_token_hdr = apr_pstrndup(r->pool, lock_token_hdr + 1, len - 2);
-        }
-        else if (has_open || has_close) {
-            failmsg = "Malformed Lock-Token header.";
-            goto done;
-        }
+        err = dav_parse_locktoken(r->pool, lock_token_hdr, &parsed_locktoken);
+        if (err != NULL)
+            goto out;
 
-        if (*lock_token_hdr == '\0') {
-            failmsg = "Malformed Lock-Token header.";
-            goto done;
-        }
+        lock_token_hdr = parsed_locktoken;
     }
 
     if (lock_timeout_hdr) {
diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c
@@ -590,6 +590,47 @@ DAV_DECLARE(time_t) dav_get_timeout_string(request_rec *r,
     return DAV_TIMEOUT_INFINITE;
 }
 
+DAV_DECLARE(dav_error *) dav_parse_locktoken(apr_pool_t *p,
+                                             const char *input,
+                                             char **output)
+{
+    char *token;
+    apr_size_t len;
+    int has_open;
+    int has_close;
+
+    if (output == NULL) {
+        return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, 0,
+                             "DAV lock token parser called with NULL output pointer.");
+    }
+    *output = NULL;
+
+    if (input == NULL) {
+        return dav_new_error(p, HTTP_BAD_REQUEST, 0, 0,
+                             "No Lock-Token specified in header.");
+    }
+
+    len = strlen(input);
+
+    has_open = (len > 0 && input[0] == '<');
+    has_close = (len > 0 && input[len - 1] == '>');
+
+    if (len < 2 || !has_open || !has_close) {
+        return dav_new_error(p, HTTP_BAD_REQUEST, 0, 0,
+                             "Malformed Lock-Token header.");
+    }
+
+    token = apr_pstrndup(p, input + 1, len - 2);
+
+    if (*token == '\0') {
+        return dav_new_error(p, HTTP_BAD_REQUEST, 0, 0,
+                             "Malformed Lock-Token header.");
+    }
+
+    *output = token;
+    return NULL;
+}
+
 /* ---------------------------------------------------------------
 **
 ** If Header processing
@@ -2228,4 +2269,4 @@ DAV_DECLARE(dav_error *) dav_auto_checkin(
     }
 
     return NULL;
-}
+}
