main/mini_httpd: fix handling of cgi programs with binary output

ref #6391

main/mini_httpd/APKBUILD

@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=mini_httpd
 pkgver=1.25
-pkgrel=1
+pkgrel=2
 pkgdesc="Small forking webserver with ssl and ipv6 support"
 url="http://www.acme.com/software/mini_httpd/"
 arch="all"
@@ -11,21 +11,24 @@ makedepends="libressl-dev"
 subpackages="$pkgname-doc"
 install="$pkgname.pre-install $pkgname.pre-upgrade"
 source="http://www.acme.com/software/mini_httpd/$pkgname-$pkgver.tar.gz
+	fix-cgi.patch
 	$pkgname.conf.sample
 	$pkgname.initd
 	$pkgname.logrotate
 	"
 
-_builddir="$srcdir/$pkgname-$pkgver"
+builddir="$srcdir/$pkgname-$pkgver"
 
 prepare() {
-	cd "$_builddir"
+	default_prepare || return 1
+
+	cd "$builddir"
 	sed -i s:getline:htgetline:g \
 		htpasswd.c || return 1
 }
 
 build() {
-	cd "$_builddir"
+	cd "$builddir"
 	make CFLAGS="${CFLAGS} -DUSE_SSL" \
 		LDFLAGS="${LDFLAGS}" \
 		SSL_LIBS="-lssl -lcrypto" \
@@ -33,7 +36,7 @@ build() {
 }
 
 package() {
-	cd "$_builddir"
+	cd "$builddir"
 	# does not respect DESTDIR
 	make install \
 		BINDIR="$pkgdir"/usr/sbin \
@@ -54,14 +57,17 @@ package() {
 }
 
 md5sums="e3fc3f28526b8cf810eea91a219851a0  mini_httpd-1.25.tar.gz
+eb1c3af0911c74690acfd0d6d4475198  fix-cgi.patch
 9254094233d05a69b2953dd9e8c9ce1c  mini_httpd.conf.sample
 1679e25f17788a8c9be752ff059bbd9b  mini_httpd.initd
 915683e9c7e1cef7ce9b1bbaa31ab680  mini_httpd.logrotate"
 sha256sums="25a0325e698d6bf828ab8089d5ba8835edd7384936cd3074e1543ecafd85958c  mini_httpd-1.25.tar.gz
+bf67da598db0c4c932e6b512ea657c20c83e67d732a19dcba0c4432922c7a09a  fix-cgi.patch
 bc6fb1d7a1ac42549b469be5dd4368a5afca502562f9488a7061f16d0434d353  mini_httpd.conf.sample
 cae12348aa748a24d52ca51c7846e5af28e3bf3c57c08b5f436b1fb82f4aa0cd  mini_httpd.initd
 e7b4388fc574916b0b4948c60655f55c51a481fe1b2c2f34c55775f0c454bcb5  mini_httpd.logrotate"
 sha512sums="59cbcef642a8c734bf85517958e807d4790b42ed2ab00e1cef1781d391609cf6e5602cfff4a1833423edf5ee2ada5dbd5443aa701e9a626db500cd07c84a6cbb  mini_httpd-1.25.tar.gz
+0ba18ce425ceb3f9fb18eeec7be2453263d76f81dfcc357fb8bd9d31bd89af69b030fa4d82bfe48441e81625a211e372aa06facd8fccacd5c0f33269a77de71f  fix-cgi.patch
 4ecb6a2686cebfa97ff5f7ab99f6903d43468a01eea9d3e5852f2bcc48f280b538a17acaa30aff05ea4645df8bfa6544082a494452e1eff9745f86460e378411  mini_httpd.conf.sample
 821e775318d7fff1f77dc3bd08ac2095233a9224be424eb796c1d6eae6cea5b1ed99a6b18d367bb120ceff5f5a2026f88c6bc3d54a754120bc68b27ea7c46a49  mini_httpd.initd
 ebaae32d151de8d8f923b0bbfd7a3524d47ee96fce46b46e8f44f5495459828508bb98b3c0250c76bf76e205f61ef4dfc273835731e3edf8e3d51761dd638e3c  mini_httpd.logrotate"

main/mini_httpd/fix-cgi.patch

@@ -0,0 +1,28 @@
+The headers buffer contains also potentially binary data the CGI program is
+sending, and it needs to be sent out later. Use add_data() to cache data so
+the cgi output does not get corrupted on first zero byte. add_data() still
+always terminates the buffer with zero, so strstr() can used safely.
+
+diff -ru mini_httpd-1.25.orig/mini_httpd.c mini_httpd-1.25/mini_httpd.c
+--- mini_httpd-1.25.orig/mini_httpd.c	2016-07-07 06:02:52.000000000 +0300
++++ mini_httpd-1.25/mini_httpd.c	2016-11-09 12:01:19.025607907 +0200
+@@ -1998,7 +1998,7 @@
+ 	add_str( &headers, &headers_size, &headers_len, (char*) 0 );
+ 	for (;;)
+ 	    {
+-	    r = read( rfd, buf, sizeof(buf) - 1 );
++	    r = read( rfd, buf, sizeof(buf) );
+ 	    if ( r < 0 && ( errno == EINTR || errno == EAGAIN ) )
+ 		{
+ 		sleep( 1 );
+@@ -2009,8 +2009,7 @@
+ 		br = &(headers[headers_len]);
+ 		break;
+ 		}
+-	    buf[r] = '\0';
+-	    add_str( &headers, &headers_size, &headers_len, buf );
++	    add_data( &headers, &headers_size, &headers_len, buf, r );
+ 	    if ( ( br = strstr( headers, "\015\012\015\012" ) ) != (char*) 0 ||
+ 		 ( br = strstr( headers, "\012\012" ) ) != (char*) 0 )
+ 		break;
+