<p>Richard Mudgett has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.asterisk.org/10030">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">http.c: Give HTTP error response when received lines are too long.<br><br>Added a check when we receive a HTTP request line or header line that is<br>too long. We now return an error response to the sender because we are<br>not able to process the request.<br><br>Change-Id: I6df2705435fd7dde4d5d3bdf7acec859cfb7c12d<br>---<br>M main/http.c<br>1 file changed, 17 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/30/10030/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/main/http.c b/main/http.c</span><br><span>index e8d395b..15c6da2 100644</span><br><span>--- a/main/http.c</span><br><span>+++ b/main/http.c</span><br><span>@@ -1772,6 +1772,7 @@</span><br><span> </span><br><span> remaining_headers = MAX_HTTP_REQUEST_HEADERS;</span><br><span> for (;;) {</span><br><span style="color: hsl(120, 100%, 40%);">+ size_t len;</span><br><span> char *name;</span><br><span> char *value;</span><br><span> </span><br><span>@@ -1779,6 +1780,13 @@</span><br><span> ast_http_error(ser, 400, "Bad Request", "Timeout");</span><br><span> return -1;</span><br><span> }</span><br><span style="color: hsl(120, 100%, 40%);">+ len = strlen(header_line);</span><br><span style="color: hsl(120, 100%, 40%);">+ if (!len || header_line[len - 1] != '\n') {</span><br><span style="color: hsl(120, 100%, 40%);">+ /* We didn't get a full line */</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_http_error(ser, 400, "Bad Request",</span><br><span style="color: hsl(120, 100%, 40%);">+ (len == sizeof(header_line) - 1) ? 
"Header line too long" : "Timeout");</span><br><span style="color: hsl(120, 100%, 40%);">+ return -1;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> </span><br><span> /* Trim trailing characters */</span><br><span> ast_trim_blanks(header_line);</span><br><span>@@ -1847,6 +1855,7 @@</span><br><span> struct http_worker_private_data *request;</span><br><span> enum ast_http_method http_method = AST_HTTP_UNKNOWN;</span><br><span> int res;</span><br><span style="color: hsl(120, 100%, 40%);">+ size_t len;</span><br><span> char request_line[MAX_HTTP_LINE_LENGTH];</span><br><span> </span><br><span> if (!fgets(request_line, sizeof(request_line), ser->f)) {</span><br><span>@@ -1857,6 +1866,14 @@</span><br><span> request = ser->private_data;</span><br><span> http_request_tracking_init(request);</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+ len = strlen(request_line);</span><br><span style="color: hsl(120, 100%, 40%);">+ if (!len || request_line[len - 1] != '\n') {</span><br><span style="color: hsl(120, 100%, 40%);">+ /* We didn't get a full line */</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_http_error(ser, 400, "Bad Request",</span><br><span style="color: hsl(120, 100%, 40%);">+ (len == sizeof(request_line) - 1) ? "Request line too long" : "Timeout");</span><br><span style="color: hsl(120, 100%, 40%);">+ return -1;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> /* Get method */</span><br><span> method = ast_skip_blanks(request_line);</span><br><span> uri = ast_skip_nonblanks(method);</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/10030">change 10030</a>. 
</p>
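Review bot: In the header-line hunk (@@ -1779,6 +1780,13 @@), the "Timeout" arm of the ternary is returned for every line that lacks a trailing '\n' and is shorter than sizeof(header_line) - 1, which covers more than timeouts. Because len comes from strlen(header_line), a line carrying an embedded NUL byte is measured short and falls into that arm, and so does the !len case. Suggest a neutral detail string there (for example "Incomplete header line") so the response does not mislead whoever is diagnosing a malformed request. It is also worth deciding whether the too-long case should use status 431 (Request Header Fields Too Large) rather than a generic 400.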
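Review bot: In the request-line hunk (@@ -1857,6 +1866,14 @@), the length check is a copy of the one added for header_line, differing only in the buffer name and the "too long" text. Suggest moving it into one small static helper that takes the buffer, its size and the detail string and reports whether a full line was read, so the two call sites cannot drift apart. A one-line comment explaining why len == sizeof(request_line) - 1 means truncation (fgets filled the buffer without reaching '\n') would help the next reader.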
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 13 </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: I6df2705435fd7dde4d5d3bdf7acec859cfb7c12d </div>
<div style="display:none"> Gerrit-Change-Number: 10030 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Richard Mudgett &lt;rmudgett@digium.com&gt; </div>