http_protocol_handler: limit the number of starting newlines

This commit is contained in:
moneromooo-monero 2018-05-26 20:17:15 +01:00
parent fd9019b37d
commit 5e2e003cfb
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3
3 changed files with 12 additions and 1 deletions

View file

@ -607,7 +607,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
{ {
if(ec == boost::asio::error::operation_aborted) if(ec == boost::asio::error::operation_aborted)
return; return;
MDEBUG("Connection timeout, closing"); MDEBUG(context << "connection timeout, closing");
self->close(); self->close();
}); });
} }

View file

@ -141,6 +141,7 @@ namespace net_utils
size_t m_len_summary, m_len_remain; size_t m_len_summary, m_len_remain;
config_type& m_config; config_type& m_config;
bool m_want_close; bool m_want_close;
size_t m_newlines;
protected: protected:
i_service_endpoint* m_psnd_hndlr; i_service_endpoint* m_psnd_hndlr;
}; };

View file

@ -38,6 +38,7 @@
#define HTTP_MAX_URI_LEN 9000 #define HTTP_MAX_URI_LEN 9000
#define HTTP_MAX_HEADER_LEN 100000 #define HTTP_MAX_HEADER_LEN 100000
#define HTTP_MAX_STARTING_NEWLINES 8
namespace epee namespace epee
{ {
@ -203,6 +204,7 @@ namespace net_utils
m_len_remain(0), m_len_remain(0),
m_config(config), m_config(config),
m_want_close(false), m_want_close(false),
m_newlines(0),
m_psnd_hndlr(psnd_hndlr) m_psnd_hndlr(psnd_hndlr)
{ {
@ -216,6 +218,7 @@ namespace net_utils
m_body_transfer_type = http_body_transfer_undefined; m_body_transfer_type = http_body_transfer_undefined;
m_query_info.clear(); m_query_info.clear();
m_len_summary = 0; m_len_summary = 0;
m_newlines = 0;
return true; return true;
} }
//-------------------------------------------------------------------------------------------- //--------------------------------------------------------------------------------------------
@ -260,6 +263,13 @@ namespace net_utils
{ {
//some times it could be that before query line cold be few line breaks //some times it could be that before query line cold be few line breaks
//so we have to be calm without panic with assers //so we have to be calm without panic with assers
m_newlines += std::string::npos == ndel ? m_cache.size() : ndel;
if (m_newlines > HTTP_MAX_STARTING_NEWLINES)
{
LOG_ERROR("simple_http_connection_handler::handle_buff_out: Too many starting newlines");
m_state = http_state_error;
return false;
}
m_cache.erase(0, ndel); m_cache.erase(0, ndel);
break; break;
} }