flewkey/cuberite-2a
1
0
Fork 0
Code Releases Activity

Fixed HTTP parsing when in insecure mode.

Browse Source 
Parsing would ignore the size of data already buffered, resulting in bad_alloc exception.
Fixes #2898.
This commit is contained in:
Mattes D 2016-01-20 09:45:16 +01:00
parent 1d05fc95ae
commit 52c5ce6598
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/HTTP/HTTPRequestParser.cpp
View File

@ -35,11 +35,13 @@ size_t cHTTPRequestParser::ParseHeaders(const char * a_Data, size_t a_Size)
{ {
// The first line hasn't been processed yet // The first line hasn't been processed yet
size_t res = ParseRequestLine(a_Data, a_Size); size_t res = ParseRequestLine(a_Data, a_Size);
ASSERT((res == AString::npos) || (res <= a_Size));
if ((res == AString::npos) || (res == a_Size)) if ((res == AString::npos) || (res == a_Size))
{ {
return res; return res;
} }
size_t res2 = m_EnvelopeParser.Parse(a_Data + res, a_Size - res); size_t res2 = m_EnvelopeParser.Parse(a_Data + res, a_Size - res);
ASSERT((res2 == AString::npos) || (res2 <= a_Size - res));
if (res2 == AString::npos) if (res2 == AString::npos)
{ {
m_IsValid = false; m_IsValid = false;
@ -51,6 +53,7 @@ size_t cHTTPRequestParser::ParseHeaders(const char * a_Data, size_t a_Size)
if (m_EnvelopeParser.IsInHeaders()) if (m_EnvelopeParser.IsInHeaders())
{ {
size_t res = m_EnvelopeParser.Parse(a_Data, a_Size); size_t res = m_EnvelopeParser.Parse(a_Data, a_Size);
ASSERT((res == AString::npos) || (res <= a_Size));
if (res == AString::npos) if (res == AString::npos)
{ {
m_IsValid = false; m_IsValid = false;
@ -83,8 +86,9 @@ AString cHTTPRequestParser::GetBareURL(void) const
size_t cHTTPRequestParser::ParseRequestLine(const char * a_Data, size_t a_Size) size_t cHTTPRequestParser::ParseRequestLine(const char * a_Data, size_t a_Size)
{ {
auto inBufferSoFar = m_IncomingHeaderData.size();
m_IncomingHeaderData.append(a_Data, a_Size); m_IncomingHeaderData.append(a_Data, a_Size);
size_t IdxEnd = m_IncomingHeaderData.size(); auto IdxEnd = m_IncomingHeaderData.size();
// Ignore the initial CRLFs (HTTP spec's "should") // Ignore the initial CRLFs (HTTP spec's "should")
size_t LineStart = 0; size_t LineStart = 0;
@ -151,7 +155,7 @@ size_t cHTTPRequestParser::ParseRequestLine(const char * a_Data, size_t a_Size)
} }
m_Method = m_IncomingHeaderData.substr(LineStart, MethodEnd - LineStart); m_Method = m_IncomingHeaderData.substr(LineStart, MethodEnd - LineStart);
m_URL = m_IncomingHeaderData.substr(MethodEnd + 1, URLEnd - MethodEnd - 1); m_URL = m_IncomingHeaderData.substr(MethodEnd + 1, URLEnd - MethodEnd - 1);
return i + 1; return i + 1 - inBufferSoFar;
} }
} // switch (m_IncomingHeaderData[i]) } // switch (m_IncomingHeaderData[i])
} // for i - m_IncomingHeaderData[] } // for i - m_IncomingHeaderData[]