[vlc-commits] httpd: reject incoming requests bodies over 64k
Rémi Denis-Courmont
git at videolan.org
Mon Aug 25 19:56:08 CEST 2014
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Mon Aug 25 20:55:42 2014 +0300| [44b7c126c6d2a2002758c12db2f0bb89dc328a3c] | committer: Rémi Denis-Courmont
httpd: reject incoming requests bodies over 64k
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=44b7c126c6d2a2002758c12db2f0bb89dc328a3c
---
src/network/httpd.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/network/httpd.c b/src/network/httpd.c
index f570587..a643c70 100644
--- a/src/network/httpd.c
+++ b/src/network/httpd.c
@@ -1349,6 +1349,7 @@ static void httpd_ClientRecv(httpd_client_t *cl)
}
} else if (cl->query.i_body > 0) {
/* we are reading the body of a request or a channel */
+ assert (cl->query.p_body != NULL);
i_len = httpd_NetRecv(cl, &cl->query.p_body[cl->i_buffer],
cl->query.i_body - cl->i_buffer);
if (i_len > 0)
@@ -1541,7 +1542,10 @@ static void httpd_ClientRecv(httpd_client_t *cl)
/* TODO Mhh, handle the case where the client only
* sends a request and closes the connection to
* mark the end of the body (probably only RTSP) */
- cl->query.p_body = malloc(cl->query.i_body);
+ if (cl->query.i_body >= 65536)
+ cl->query.p_body = malloc(cl->query.i_body);
+ else
+ cl->query.p_body = NULL;
cl->i_buffer = 0;
if (!cl->query.p_body) {
switch (cl->query.i_proto) {
More information about the vlc-commits
mailing list