DISCONTINUED:openSUSE:11.2:Update
sblim-sfcb
0270-max_content_length2.patch
File 0270-max_content_length2.patch of Package sblim-sfcb
diff -up ./control.c.orig ./control.c
--- ./control.c.orig 2008-12-04 14:48:47.000000000 -0700
+++ ./control.c 2008-12-04 14:45:33.000000000 -0700
@@ -109,7 +109,7 @@ Control init[] = {
 {"traceLevel", 1, "0"},
 {"traceMask", 1, "0"},
- {"httpMaxContentLength", 1, "0"},
+ {"httpMaxContentLength", 1, "100000000"},
 };
 void sunsetControl()
@@ -236,6 +236,25 @@ int getControlNum(char *id, long *val)
 return rc;
 }
+int getControlUNum(char *id, unsigned int *val)
+{
+ Control *ctl;
+ int rc = -1;
+ if ((ctl = ct->ft->get(ct, id))) {
+ if (ctl->type == 1 && isdigit(ctl->strValue[0])) {
+ unsigned long tmp = strtoul(ctl->strValue,NULL,0);
+ if (tmp < UINT_MAX)
+ {
+ *val = tmp;
+ return 0;
+ }
+ }
+ rc = -2;
+ }
+ *val = 0;
+ return rc;
+}
+
 int getControlBool(char *id, int *val)
 {
 Control *ctl;
diff -up ./control.h.orig ./control.h
--- ./control.h.orig 2008-12-04 14:48:52.000000000 -0700
+++ ./control.h 2008-12-04 14:31:20.000000000 -0700
@@ -25,6 +25,7 @@ int setupControl(char *fn);
 void sunsetControl();
 int getControlChars(char *id, char **val);
 int getControlNum(char *id, long *val);
+int getControlUNum(char *id, unsigned int *val);
 int getControlBool(char *id, int *val);
 #endif
diff -up ./httpAdapter.c.orig ./httpAdapter.c
--- ./httpAdapter.c.orig 2008-12-04 14:48:33.000000000 -0700
+++ ./httpAdapter.c 2008-12-04 14:54:19.000000000 -0700
@@ -120,7 +120,9 @@ typedef int (*Authenticate)(char* princi
 typedef struct _buffer {
 char *data, *content;
- int length, size, ptr, content_length,trailers;
+ int length, size, ptr;
+ unsigned int content_length;
+ int trailers;
 char *httpHdr, *authorization, *content_type, *host, *useragent;
 char *principal;
 char *protocol;
@@ -372,7 +374,7 @@ static int readData(CommHndl conn_fd, ch
 static int getPayload(CommHndl conn_fd, Buffer * b)
 {
- int c = b->length - b->ptr;
+ unsigned int c = b->length - b->ptr;
 int rc = 0;
 b->content = (char *) malloc(b->content_length + 8);
 if (c) memcpy(b->content, (b->data) + b->ptr, c);
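Review bot: The new default for `httpMaxContentLength` in `init[]` carries no comment giving its unit or saying that `0` still switches the limit off; the check added in httpAdapter.c, `(maxLen) && (clen > maxLen)`, skips the comparison when the value is 0. I would add a comment above the entry such as `/* max request body in bytes; 0 = no limit */`. Installations whose configuration sets the option to 0 explicitly presumably stay unlimited after this change, which is worth stating wherever the option is documented.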
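Review bot: `getControlUNum` stores `*val = 0` on every failure path, and for `httpMaxContentLength` 0 is the value that disables the limit, so any caller that ignores the return code fails open; the one caller in this patch does check it. The parse is also loose: `strtoul(ctl->strValue,NULL,0)` accepts octal and hex and stops silently at the first non-digit, so a configured `010` yields 8 and `100MB` yields 100. I would parse in base 10 with an end pointer, `unsigned long tmp = strtoul(ctl->strValue, &end, 10);` then `if (*end == '\0' && tmp < UINT_MAX)`, and pass `(unsigned char) ctl->strValue[0]` to `isdigit`. A header comment listing the return codes (0 on success, -1 when the id is unknown, -2 when the value is not a usable number) is missing. Whether control.c already includes `<limits.h>` and `<ctype.h>` is not visible in the hunk.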
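Review bot: In `getPayload` the size in `malloc(b->content_length + 8)` is now computed in `unsigned int`, so a `content_length` within 8 of `UINT_MAX` wraps to a very small allocation; the header check added later in this patch admits values up to `UINT_MAX - 1` whenever `httpMaxContentLength` is 0. The `malloc` result is used by `memcpy` without a NULL check, and `c` (now unsigned, derived from the `int` fields `length` and `ptr`) is never compared with `content_length`, so buffered data longer than the declared body would overrun the buffer unless code outside this hunk rules that out. A guard ahead of the allocation, `if (b->content_length > UINT_MAX - 8 || c > b->content_length) return -1;`, plus `if (b->content == NULL) return -1;` after it would close both; the error value should follow the convention `getPayload`'s callers expect. The rest of the function body lies outside the hunk.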
@@ -692,7 +694,8 @@ static int doHttpRequest(CommHndl conn_f
 Buffer inBuf = { NULL, NULL, 0, 0, 0, 0, 0 ,0};
 RespSegments response;
 static RespSegments nullResponse = { NULL, 0, 0, NULL, { {0, NULL} } };
- int len, hl, rc,uset=0;
+ unsigned long len;
+ int hl, rc,uset=0;
 char *hdr, *path;
 int discardInput=0;
 MsgSegment msgs[2];
@@ -711,7 +714,7 @@ static int doHttpRequest(CommHndl conn_f
 inBuf.authorization = "";
 inBuf.protocol="HTTP/1.1";
 inBuf.content_type = NULL;
- inBuf.content_length = -1;
+ inBuf.content_length = UINT_MAX;
 inBuf.host = NULL;
 inBuf.useragent = "";
 int badReq = 0;
@@ -783,15 +786,29 @@ static int doHttpRequest(CommHndl conn_f
 else if (strncasecmp(hdr, "Content-Length:", 15) == 0) {
 cp = &hdr[15];
 cp += strspn(cp, " \t");
- inBuf.content_length = atol(cp);
- int maxLen;
- getControlNum("httpMaxContentLength", &maxLen);
- if((maxLen) && (inBuf.content_length > maxLen)) {
+ if (cp[0] == '-')
+ {
+ genError(conn_fd, &inBuf, 400, "Negative Content-Length", NULL);
+ _SFCB_TRACE(1, ("--- exiting: content-length too big"));
+ commClose(conn_fd);
+ exit(1);
+ }
+ unsigned long clen = strtoul(cp, NULL, 0);
+ unsigned int maxLen;
+ if (getControlUNum("httpMaxContentLength", &maxLen) != 0)
+ {
+ genError(conn_fd, &inBuf, 501, "Server misconfigured (httpMaxContentLength)", NULL);
+ _SFCB_TRACE(1, ("--- exiting: bad config httpMaxContentLength"));
+ commClose(conn_fd);
+ exit(1);
+ }
+ if((clen >= UINT_MAX) || ((maxLen) && (clen > maxLen))) {
 genError(conn_fd, &inBuf, 413, "Request Entity Too Large", NULL);
 _SFCB_TRACE(1, ("--- exiting: content-length too big"));
 commClose(conn_fd);
 exit(1);
 }
+ inBuf.content_length = clen;
 }
 else if (strncasecmp(hdr, "Content-Type:", 13) == 0) {
 cp = &hdr[13];
@@ -876,7 +893,7 @@ static int doHttpRequest(CommHndl conn_f
 }
 len = inBuf.content_length;
- if (len < 0) {
+ if (len == UINT_MAX) {
 if (!discardInput) {
 genError(conn_fd, &inBuf, 411, "Length Required", NULL);
 }
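Review bot: `UINT_MAX` now doubles as the "no Content-Length header seen" marker for `inBuf.content_length`, both in this initialisation and in the `if (len == UINT_MAX)` test of the last hunk, and nothing names or documents that. A shared constant, for example `#define CONTENT_LENGTH_UNSET UINT_MAX`, used at both sites and in the `clen >= UINT_MAX` rejection would keep the three places in step. Because `len` is declared `unsigned long` in the first hunk of this function, the later comparison is correct only because `len` is assigned from the `unsigned int` field; a one-line comment at `len = inBuf.content_length;` would make that explicit.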
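Review bot: The `Content-Length` value is parsed with `strtoul(cp, NULL, 0)`, which accepts octal and hex forms and ignores whatever follows the number, so `010` is read as 8 and `12abc` as 12; an intermediary that reads the same header as decimal would disagree with this server about where the body ends. The `cp[0] == '-'` test also does not cover every signed form, because `strtoul` itself skips further whitespace and accepts a sign after the `" \t"` that `strspn` stepped over. I would require a leading digit, parse in base 10 and reject trailing junk, as in the excerpt below; `isdigit` needs `<ctype.h>`, and whether `hdr` still carries its line ending at this point is not visible in the hunk. Separately, the trace text in the negative-length branch repeats "content-length too big", and status 501 is an unusual choice for a configuration fault where 500 would be expected.

```c
      cp += strspn(cp, " \t");
      /* Content-Length must be plain decimal digits: no sign, no 0x/octal
       * prefix, nothing but optional whitespace after the number. */
      char *end = cp;
      unsigned long clen = 0;
      if (isdigit((unsigned char) cp[0])) {
        clen = strtoul(cp, &end, 10);
        end += strspn(end, " \t\r\n");
      }
      if (end == cp || *end != '\0') {
        genError(conn_fd, &inBuf, 400, "Invalid Content-Length", NULL);
        _SFCB_TRACE(1, ("--- exiting: invalid content-length"));
        commClose(conn_fd);
        exit(1);
      }
      /* … unchanged: getControlUNum lookup and the 413 size check … */
      inBuf.content_length = clen;
```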