httpd: fix parsing of request body

This caused genuine bugs like mangled bodies and corrupted requests (usually leading to 501 errors), and possibly leaks of memory buffer of the size of the Content-Length parameter. This is pretty bad since crafted requests could easily exhaust the memory and/or trigger a crash. Apart from the contents of the buffer of the involved request, there doesn't seem to be any possible memory corruption.

httpd: fix parsing of request body
This caused genuine bugs like mangled bodies and corrupted requests (usually leading to 501 errors), and possibly leaks of memory buffer of the size of the Content-Length parameter. This is pretty bad since crafted requests could easily exhaust the memory and/or trigger a crash. Apart from the contents of the buffer of the involved request, there doesn't seem to be any possible memory corruption.
8fae1e14 · Pierre Ynard · 4c87b90b · 8fae1e14
Commit 8fae1e14 authored Dec 11, 2010 by Pierre Ynard
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

src/network/httpd.c src/network/httpd.c +1 -0

No files found.
--- a/src/network/httpd.c
+++ b/src/network/httpd.c
@@ -1834,6 +1834,7 @@ static void httpd_ClientRecv( httpd_client_t *cl )
                     * mark the end of the body (probably only RTSP) */
                    cl->query.p_body = xmalloc( cl->query.i_body );
                    cl->i_buffer = 0;
+                    break;
                }
                else
                {