a1batross
/
kore
forked from mirrors/kore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Send a 413 if header_recv buffer is full. 

Kore used to just stall the connection until the timeout kicked
in, but if no proper headers were received by the time the header
buffer is full we should just error out.

While here, use s_off for the inital length check.
This commit is contained in:
Joris Vink 2022-09-07 12:41:38 +02:00
parent 80db912c34
commit 783cc6cd4c
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/http.c
View File

@ -799,7 +799,7 @@ http_header_recv(struct netbuf *nb)
c = nb->owner;
if (nb->b_len < 4)
if (nb->s_off < 4)
return (KORE_RESULT_OK);
if (!isalpha(nb->buf[0])) {
@ -811,8 +811,14 @@ http_header_recv(struct netbuf *nb)
end_headers = kore_mem_find(nb->buf, nb->s_off, "\r\n\r\n", 4);
if (end_headers == NULL) {
end_headers = kore_mem_find(nb->buf, nb->s_off, "\n\n", 2);
if (end_headers == NULL)
if (end_headers == NULL) {
if (nb->s_off == http_header_max) {
http_error_response(c,
HTTP_STATUS_REQUEST_ENTITY_TOO_LARGE);
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
skip = 2;
}