mirror/mongoose
1
0
Fork 0
mirror of https://github.com/cesanta/mongoose.git synced 2025-01-19 08:03:14 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Stricter mg_http_parse()

Browse Source
This commit is contained in:
cpq 2021-02-09 21:16:33 +00:00
parent 42bc7b1f47
commit 0a9303bb07
3 changed files with 23 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
mongoose.c
View File

@ -526,12 +526,12 @@ int mg_http_get_request_len(const unsigned char *buf, size_t buf_len) {
return 0;
}
static const char *skip(const char *s, const char *end, const char *delims,
static const char *skip(const char *s, const char *e, const char *d,
struct mg_str *v) {
v->ptr = s;
while (s < end && strchr(delims, *(unsigned char *) s) == NULL) s++;
while (s < e && *s != '\n' && strchr(d, *s) == NULL) s++;
v->len = s - v->ptr;
while (s < end && strchr(delims, *(unsigned char *) s) != NULL) s++;
while (s < e && strchr(d, *s) != NULL) s++;
return s;
}
@ -579,7 +579,7 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
s = skip(s, end, " ", &hm->method);
s = skip(s, end, " ", &hm->uri);
s = skip(s, end, "\r\n", &hm->proto);
if (hm->uri.ptr <= hm->method.ptr || hm->proto.ptr <= hm->uri.ptr) return -1;
if (hm->method.len == 0 || hm->uri.len == 0 || hm->proto.len == 0) return -1;
// If URI contains '?' character, setup query string
if ((qs = (const char *) memchr(hm->uri.ptr, '?', hm->uri.len)) != NULL) {

10
src/http.c
View File

@ -106,12 +106,12 @@ int mg_http_get_request_len(const unsigned char *buf, size_t buf_len) {
return 0;
}
static const char *skip(const char *s, const char *end, const char *delims,
static const char *skip(const char *s, const char *e, const char *d,
struct mg_str *v) {
v->ptr = s;
while (s < end && strchr(delims, *(unsigned char *) s) == NULL) s++;
while (s < e && *s != '\n' && strchr(d, *s) == NULL) s++;
v->len = s - v->ptr;
while (s < end && strchr(delims, *(unsigned char *) s) != NULL) s++;
while (s < e && strchr(d, *s) != NULL) s++;
return s;
}
@ -159,7 +159,9 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
s = skip(s, end, " ", &hm->method);
s = skip(s, end, " ", &hm->uri);
s = skip(s, end, "\r\n", &hm->proto);
if (hm->uri.ptr <= hm->method.ptr || hm->proto.ptr <= hm->uri.ptr) return -1;
// Sanity check
if (hm->method.len == 0 || hm->uri.len == 0 || hm->proto.len == 0) return -1;
// If URI contains '?' character, setup query string
if ((qs = (const char *) memchr(hm->uri.ptr, '?', hm->uri.len)) != NULL) {

15
test/unit_test.c
View File

@ -848,6 +848,16 @@ static void test_http_parse(void) {
ASSERT(mg_strcmp(hm.uri, mg_str("/foo")) == 0);
ASSERT(mg_strcmp(hm.query, mg_str("bar=baz")) == 0);
}
{
struct mg_http_message hm;
const char *req = "a b c\n\n";
ASSERT(mg_http_parse(req, strlen(req), &hm) == (int) strlen(req));
req = "a b\nc\n\n";
ASSERT(mg_http_parse(req, strlen(req), &hm) < 0);
req = "a\nb\nc\n\n";
ASSERT(mg_http_parse(req, strlen(req), &hm) < 0);
}
}
static void test_http_range(void) {
@ -860,7 +870,8 @@ static void test_http_range(void) {
mg_http_listen(&mgr, url, eh1, NULL);
ASSERT(fetch(&mgr, buf, url, "GET /range.txt HTTP/1.0\n\n") == 200);
mg_http_parse(buf, strlen(buf), &hm);
ASSERT(mg_http_parse(buf, strlen(buf), &hm) > 0);
LOG(LL_INFO, ("----%d\n[%s]", (int) hm.body.len, buf));
ASSERT(hm.body.len == 312);
// ASSERT(strlen(buf) == 312);
@ -1117,6 +1128,7 @@ static void test_util(void) {
int main(void) {
mg_log_set("3");
test_http_parse();
test_util();
test_sntp();
test_dns();
@ -1131,7 +1143,6 @@ int main(void) {
test_http_get_var();
test_tls();
test_ws();
test_http_parse();
test_http_server();
test_http_client();
test_http_no_content_length();