technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

HTTP parser: improved detection of corrupted request line.

Browse Source
This commit is contained in:
Valentin Bartenev
2017-12-08 19:18:00 +03:00
parent 20d720dfc5
commit 67d72d46f7
1 changed files with 43 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/nxt_http_parse.c
View File

@@ -118,6 +118,10 @@ nxt_http_parse_target(u_char **pos, u_char *end)
p += 10; p += 10;
} }
while (p != end) {
nxt_target_test_char(*p); p++;
}
return NXT_HTTP_TARGET_AGAIN; return NXT_HTTP_TARGET_AGAIN;
} }
@@ -181,6 +185,10 @@ nxt_http_parse_request_line(nxt_http_request_parse_t *rp, u_char **pos,
p += 8; p += 8;
} }
while (p != end) {
nxt_method_test_char(*p); p++;
}
return NXT_AGAIN; return NXT_AGAIN;
method_unusual_char: method_unusual_char:
@@ -316,9 +324,43 @@ rest_of_target:
space_after_target: space_after_target:
if (nxt_slow_path(end - p < 10)) { if (nxt_slow_path(end - p < 10)) {
do {
p++;
if (p == end) {
return NXT_AGAIN; return NXT_AGAIN;
} }
} while (*p == ' ');
if (nxt_memcmp(p, "HTTP/", nxt_min(end - p, 5)) == 0) {
switch (end - p) {
case 8:
if (p[7] < '0' || p[7] > '9') {
break;
}
/* Fall through. */
case 7:
if (p[6] != '.') {
break;
}
/* Fall through. */
case 6:
if (p[5] < '0' || p[5] > '9') {
break;
}
/* Fall through. */
default:
return NXT_AGAIN;
}
}
rp->space_in_target = 1;
goto rest_of_target;
}
/* " HTTP/1.1\r\n" or " HTTP/1.1\n" */ /* " HTTP/1.1\r\n" or " HTTP/1.1\n" */
nxt_memcpy(version.str, &p[1], 8); nxt_memcpy(version.str, &p[1], 8);