Commit 1952b89f authored by Rémi Denis-Courmont

httpd: reject incoming requests bodies over 64k

(cherry picked from commit 44b7c126c6d2a2002758c12db2f0bb89dc328a3c)
parent 7153f2b3
...@@ -1373,6 +1373,7 @@ static void httpd_ClientRecv(httpd_client_t *cl) ...@@ -1373,6 +1373,7 @@ static void httpd_ClientRecv(httpd_client_t *cl)
} }
} else if (cl->query.i_body > 0) { } else if (cl->query.i_body > 0) {
/* we are reading the body of a request or a channel */ /* we are reading the body of a request or a channel */
assert (cl->query.p_body != NULL);
i_len = httpd_NetRecv(cl, &cl->query.p_body[cl->i_buffer], i_len = httpd_NetRecv(cl, &cl->query.p_body[cl->i_buffer],
cl->query.i_body - cl->i_buffer); cl->query.i_body - cl->i_buffer);
if (i_len > 0) if (i_len > 0)
...@@ -1565,7 +1566,10 @@ static void httpd_ClientRecv(httpd_client_t *cl) ...@@ -1565,7 +1566,10 @@ static void httpd_ClientRecv(httpd_client_t *cl)
/* TODO Mhh, handle the case where the client only /* TODO Mhh, handle the case where the client only
* sends a request and closes the connection to * sends a request and closes the connection to
* mark the end of the body (probably only RTSP) */ * mark the end of the body (probably only RTSP) */
if (cl->query.i_body >= 65536)
cl->query.p_body = malloc(cl->query.i_body); cl->query.p_body = malloc(cl->query.i_body);
else
cl->query.p_body = NULL;
cl->i_buffer = 0; cl->i_buffer = 0;
if (!cl->query.p_body) { if (!cl->query.p_body) {
switch (cl->query.i_proto) { switch (cl->query.i_proto) {
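Review bot: The size test added in front of the malloc() call in the second hunk reads `if (cl->query.i_body >= 65536)`, which as shown allocates for bodies of 64 KiB and larger and sets `p_body` to NULL for every smaller one, the opposite of what the commit title says. If the page renders that line faithfully, it should be `if (cl->query.i_body < 65536)`, so that oversized bodies take the `!cl->query.p_body` branch that follows (presumably the error path; its body is outside the hunk) and the allocation stays bounded by the limit. Separately, the `assert (cl->query.p_body != NULL);` added in the first hunk is compiled out under NDEBUG, so it documents the invariant without enforcing it in release builds; a runtime check would be needed if the recv into `p_body` must never be reached with a NULL buffer. httpd_ClientRecv begins and ends outside both hunks.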