mirror/mongoose
1
0
Fork 0
mirror of https://github.com/cesanta/mongoose.git synced 2025-07-24 14:16:15 +08:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Added check for negative value for HTTP Content-Length header

Browse Source
This commit is contained in:
Allan Park 2023-05-16 15:17:33 +03:00
parent 9088b00006
commit 4663090a8f
3 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
mongoose.c
View File

@ -1463,7 +1463,9 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
mg_http_parse_headers(s, end, hm->headers,
sizeof(hm->headers) / sizeof(hm->headers[0]));
if ((cl = mg_http_get_header(hm, "Content-Length")) != NULL) {
hm->body.len = (size_t) mg_to64(*cl);
int64_t content_len = mg_to64(*cl);
if(content_len < 0) return -1;
hm->body.len = (size_t) content_len;
hm->message.len = (size_t) req_len + hm->body.len;
}

4
src/http.c
View File

@ -231,7 +231,9 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
mg_http_parse_headers(s, end, hm->headers,
sizeof(hm->headers) / sizeof(hm->headers[0]));
if ((cl = mg_http_get_header(hm, "Content-Length")) != NULL) {
hm->body.len = (size_t) mg_to64(*cl);
int64_t content_len = mg_to64(*cl);
if(content_len < 0) return -1;
hm->body.len = (size_t) content_len;
hm->message.len = (size_t) req_len + hm->body.len;
}

4
test/unit_test.c
View File

@ -790,6 +790,10 @@ static void test_http_server(void) {
ASSERT(fetch(&mgr, buf, url, "GET /..ddot HTTP/1.0\n\n") == 301);
ASSERT(fetch(&mgr, buf, url, "GET /..ddot/ HTTP/1.0\n\n") == 200);
ASSERT(cmpbody(buf, "hi\n") == 0);
ASSERT(fetch(&mgr, buf, url, "GET /a.txt HTTP/1.0\n"
"Content-Length: -123\n\n") == 0);
ASSERT(fetch(&mgr, buf, url, "POST /a.txt HTTP/1.0\n"
"Content-Length: -123\n\n") == 0);
{
extern char *mg_http_etag(char *, size_t, size_t, time_t);