kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-11-04 05:15:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

http.c: Give HTTP error response when received lines are too long.

Browse Source 
Added a check when we receive a HTTP request line or header line that is
too long.  We now return an error response to the sender because we are
not able to process the request.

Change-Id: I6df2705435fd7dde4d5d3bdf7acec859cfb7c12d
This commit is contained in:
Richard Mudgett
2018-08-30 14:42:06 -05:00
parent b07da4b472
commit e387750104
1 changed files with 19 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
main/http.c
View File

@@ -1740,13 +1740,21 @@ static int http_request_headers_get(struct ast_tcptls_session_instance *ser, str
remaining_headers = MAX_HTTP_REQUEST_HEADERS;
for (;;) {
ssize_t len;
char *name;
char *value;
if (ast_iostream_gets(ser->stream, header_line, sizeof(header_line)) <= 0) {
len = ast_iostream_gets(ser->stream, header_line, sizeof(header_line));
if (len <= 0) {
ast_http_error(ser, 400, "Bad Request", "Timeout");
return -1;
}
if (header_line[len - 1] != '\n') {
/* We didn't get a full line */
ast_http_error(ser, 400, "Bad Request",
(len == sizeof(header_line) - 1) ? "Header line too long" : "Timeout");
return -1;
}
/* Trim trailing characters */
ast_trim_blanks(header_line);
@@ -1815,9 +1823,11 @@ static int httpd_process_request(struct ast_tcptls_session_instance *ser)
struct http_worker_private_data *request;
enum ast_http_method http_method = AST_HTTP_UNKNOWN;
int res;
ssize_t len;
char request_line[MAX_HTTP_LINE_LENGTH];
if (ast_iostream_gets(ser->stream, request_line, sizeof(request_line)) <= 0) {
len = ast_iostream_gets(ser->stream, request_line, sizeof(request_line));
if (len <= 0) {
return -1;
}
@@ -1825,6 +1835,13 @@ static int httpd_process_request(struct ast_tcptls_session_instance *ser)
request = ser->private_data;
http_request_tracking_init(request);
if (request_line[len - 1] != '\n') {
/* We didn't get a full line */
ast_http_error(ser, 400, "Bad Request",
(len == sizeof(request_line) - 1) ? "Request line too long" : "Timeout");
return -1;
}
/* Get method */
method = ast_skip_blanks(request_line);
uri = ast_skip_nonblanks(method);