Work around more typos that might end up in torrent files as announce urls

1 files changed, 16 insertions, 8 deletions

diff --git a/opentracker.c b/opentracker.c
index bfb5c53..d916aa7 100644
--- a/opentracker.c
+++ b/opentracker.c
@@ -390,13 +390,14 @@ write( 2, debug_request, l );
       return sendmmapdata( s, reply, reply_size );
     }
 
-    /* This is to hack around stupid clients that just replace
-       "announce ?info_hash" with "scrape ?info_hash".
-       We do not want to bomb them with full scrapes */
-    if( !byte_diff( c, 2, " ?" ) ) c+=2;
-
 SCRAPE_WORKAROUND:
 
+    /* This is to hack around stupid clients that send "announce ?info_hash" */
+    if( c[-1] != '?' ) {
+      while( ( *c != '?' ) && ( *c != '\n' ) ) ++c;
+      if( *c == '\n' ) HTTPERROR_400_PARAM;
+    }
+
     scanon = 1;
     scrape_count = 0;
     while( scanon ) {
@@ -429,15 +430,19 @@ SCRAPE_WORKAROUND:
  *      A N N O U N C E       *
  ******************************/
   case 7:
-    if( byte_diff( data, 7, "announc" ) ) HTTPERROR_404;
-    goto ANNOUNCE_WORKAROUND;
+    if( !byte_diff( data, 7, "announc" ) ) goto ANNOUNCE_WORKAROUND;
+    if( !byte_diff( data, 7, "anounce" ) ) goto ANNOUNCE_WORKAROUND;
+    HTTPERROR_404;
   case 8:
     if( byte_diff( data, 8, "announce" ) ) HTTPERROR_404;
 
 ANNOUNCE_WORKAROUND:
 
     /* This is to hack around stupid clients that send "announce ?info_hash" */
-    if( !byte_diff( c+1, 5, "?info" ) ) c+=2;
+    if( c[-1] != '?' ) {
+      while( ( *c != '?' ) && ( *c != '\n' ) ) ++c;
+      if( *c == '\n' ) HTTPERROR_400_PARAM;
+    }
 
     OT_SETIP( &peer, ((struct http_data*)io_getcookie( s ) )->ip );
     OT_SETPORT( &peer, &port );
@@ -525,6 +530,9 @@ ANNOUNCE_WORKAROUND:
     }
     ot_overall_tcp_successfulannounces++;
     break;
+  case 9:
+    if( byte_diff( data, 9, "announce " ) ) HTTPERROR_404;
+    goto ANNOUNCE_WORKAROUND;
   case 10:
     if( byte_diff( data, 10, "scrape.php" ) ) HTTPERROR_404;
     goto SCRAPE_WORKAROUND;