<p>George Joseph <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/10031">View Change</a></p><div style="white-space:pre-wrap">Approvals:
  Matthew Fredrickson: Looks good to me, but someone else must approve
  Benjamin Keith Ford: Looks good to me, but someone else must approve
  George Joseph: Looks good to me, approved; Approved for Submit

</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">http.c: Give HTTP error response when received lines are too long.<br><br>Added a check when we receive a HTTP request line or header line that is<br>too long.  We now return an error response to the sender because we are<br>not able to process the request.<br><br>Change-Id: I6df2705435fd7dde4d5d3bdf7acec859cfb7c12d<br>---<br>M main/http.c<br>1 file changed, 19 insertions(+), 2 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/main/http.c b/main/http.c</span><br><span>index 30b2fe2..77b9057 100644</span><br><span>--- a/main/http.c</span><br><span>+++ b/main/http.c</span><br><span>@@ -1740,13 +1740,21 @@</span><br><span> </span><br><span>      remaining_headers = MAX_HTTP_REQUEST_HEADERS;</span><br><span>        for (;;) {</span><br><span style="color: hsl(120, 100%, 40%);">+            ssize_t len;</span><br><span>                 char *name;</span><br><span>          char *value;</span><br><span> </span><br><span style="color: hsl(0, 100%, 40%);">-                if (ast_iostream_gets(ser->stream, header_line, sizeof(header_line)) <= 0) {</span><br><span style="color: hsl(120, 100%, 40%);">+            len = ast_iostream_gets(ser->stream, header_line, sizeof(header_line));</span><br><span style="color: hsl(120, 100%, 40%);">+            if (len <= 0) {</span><br><span>                   ast_http_error(ser, 400, "Bad Request", "Timeout");</span><br><span>                      return -1;</span><br><span>           }</span><br><span style="color: hsl(120, 100%, 40%);">+             if (header_line[len - 1] != '\n') {</span><br><span style="color: hsl(120, 100%, 40%);">+                   /* We didn't get a full line */</span><br><span style="color: hsl(120, 100%, 40%);">+                   ast_http_error(ser, 400, "Bad Request",</span><br><span style="color: hsl(120, 100%, 40%);">+                             (len == 
sizeof(header_line) - 1) ? "Header line too long" : "Timeout");</span><br><span style="color: hsl(120, 100%, 40%);">+                   return -1;</span><br><span style="color: hsl(120, 100%, 40%);">+            }</span><br><span> </span><br><span>                /* Trim trailing characters */</span><br><span>               ast_trim_blanks(header_line);</span><br><span>@@ -1815,9 +1823,11 @@</span><br><span>       struct http_worker_private_data *request;</span><br><span>    enum ast_http_method http_method = AST_HTTP_UNKNOWN;</span><br><span>         int res;</span><br><span style="color: hsl(120, 100%, 40%);">+      ssize_t len;</span><br><span>         char request_line[MAX_HTTP_LINE_LENGTH];</span><br><span> </span><br><span style="color: hsl(0, 100%, 40%);">-    if (ast_iostream_gets(ser->stream, request_line, sizeof(request_line)) <= 0) {</span><br><span style="color: hsl(120, 100%, 40%);">+  len = ast_iostream_gets(ser->stream, request_line, sizeof(request_line));</span><br><span style="color: hsl(120, 100%, 40%);">+  if (len <= 0) {</span><br><span>           return -1;</span><br><span>   }</span><br><span> </span><br><span>@@ -1825,6 +1835,13 @@</span><br><span>       request = ser->private_data;</span><br><span>      http_request_tracking_init(request);</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+      if (request_line[len - 1] != '\n') {</span><br><span style="color: hsl(120, 100%, 40%);">+          /* We didn't get a full line */</span><br><span style="color: hsl(120, 100%, 40%);">+           ast_http_error(ser, 400, "Bad Request",</span><br><span style="color: hsl(120, 100%, 40%);">+                     (len == sizeof(request_line) - 1) ? 
"Request line too long" : "Timeout");</span><br><span style="color: hsl(120, 100%, 40%);">+         return -1;</span><br><span style="color: hsl(120, 100%, 40%);">+    }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span>  /* Get method */</span><br><span>     method = ast_skip_blanks(request_line);</span><br><span>      uri = ast_skip_nonblanks(method);</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/10031">change 10031</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/10031"/><meta itemprop="name" content="View Change"/></div></div>

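Review bot: in the header-loop hunk (@@ -1740), the new "Header line too long" branch still answers with status 400 "Bad Request". RFC 6585 defines 431 Request Header Fields Too Large for this case, so consider sending 431 when len == sizeof(header_line) - 1 and keeping 400 for the short-read branch. That comparison also mixes ssize_t with size_t; it is safe because len is positive at that point, but an explicit cast would keep sign-compare warnings quiet.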
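Review bot: in the request-line hunk (@@ -1815), the len <= 0 path still does a bare "return -1;" with no response, while the same condition in the header loop sends 400 "Timeout". If the silence is intentional here (for example a connection that closes before any request arrives), a one-line comment saying so would help the next reader; otherwise send the same error as the header loop does.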
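Review bot: in the hunk at @@ -1825, "Request line too long" is reported as 400 "Bad Request"; 414 URI Too Long is the status HTTP defines for an over-long request target and would let clients tell it apart from a malformed request. The added block is also a copy of the header-line check with only the buffer and message changed, so a small static helper taking the buffer, its size and the message text would keep the two checks from drifting apart.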
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 15 </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: I6df2705435fd7dde4d5d3bdf7acec859cfb7c12d </div>
<div style="display:none"> Gerrit-Change-Number: 10031 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: Richard Mudgett &lt;rmudgett@digium.com&gt; </div>
<div style="display:none"> Gerrit-Reviewer: Benjamin Keith Ford &lt;bford@digium.com&gt; </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph &lt;gjoseph@digium.com&gt; </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Matthew Fredrickson &lt;creslin@digium.com&gt; </div>