mirror of
https://github.com/emikulic/darkhttpd.git
synced 2023-08-10 21:13:08 +03:00
. Make parse_request return int so it can return failure on malformed
requests. . Make it bomb out on malformed requests like "moo\r\n\r\n"
This commit is contained in:
parent
00fea650ed
commit
376c8b29fb
|
@ -1254,7 +1254,7 @@ static void parse_range_field(struct connection *conn)
|
||||||
* url (/), the referer (if given) and the user-agent (if given). Remember to
|
* url (/), the referer (if given) and the user-agent (if given). Remember to
|
||||||
* deallocate all these buffers. The method will be returned in uppercase.
|
* deallocate all these buffers. The method will be returned in uppercase.
|
||||||
*/
|
*/
|
||||||
static void parse_request(struct connection *conn)
|
static int parse_request(struct connection *conn)
|
||||||
{
|
{
|
||||||
size_t bound1, bound2;
|
size_t bound1, bound2;
|
||||||
char *tmp;
|
char *tmp;
|
||||||
|
@ -1273,6 +1273,8 @@ static void parse_request(struct connection *conn)
|
||||||
conn->request[bound1] == ' '; bound1++)
|
conn->request[bound1] == ' '; bound1++)
|
||||||
;
|
;
|
||||||
|
|
||||||
|
if (bound1 == conn->request_length) return 0; /* fail */
|
||||||
|
|
||||||
for (bound2=bound1+1; bound2 < conn->request_length &&
|
for (bound2=bound1+1; bound2 < conn->request_length &&
|
||||||
conn->request[bound2] != ' ' &&
|
conn->request[bound2] != ' ' &&
|
||||||
conn->request[bound2] != '\r'; bound2++)
|
conn->request[bound2] != '\r'; bound2++)
|
||||||
|
@ -1312,6 +1314,7 @@ static void parse_request(struct connection *conn)
|
||||||
conn->user_agent = parse_field(conn, "User-Agent: ");
|
conn->user_agent = parse_field(conn, "User-Agent: ");
|
||||||
|
|
||||||
parse_range_field(conn);
|
parse_range_field(conn);
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1478,9 +1481,12 @@ static void process_get(struct connection *conn)
|
||||||
*/
|
*/
|
||||||
static void process_request(struct connection *conn)
|
static void process_request(struct connection *conn)
|
||||||
{
|
{
|
||||||
parse_request(conn);
|
if (!parse_request(conn))
|
||||||
|
{
|
||||||
if (strcmp(conn->method, "GET") == 0)
|
default_reply(conn, 400, "Bad Request",
|
||||||
|
"You sent a request that the server couldn't understand.");
|
||||||
|
}
|
||||||
|
else if (strcmp(conn->method, "GET") == 0)
|
||||||
{
|
{
|
||||||
process_get(conn);
|
process_get(conn);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user