aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Rehfeld <[email protected]>2015-01-30 13:43:55 +0000
committerMartin Rehfeld <[email protected]>2015-01-30 13:43:55 +0000
commit07ef3c32d71cd52ea46d0469ff8c75d312c2d32e (patch)
treeeb615c6a202c83c1e7a2feee791229285ea98bea
parent3d9078018d7f0a83a359b70c698d35e35fbb94f9 (diff)
downloadcowboy-07ef3c32d71cd52ea46d0469ff8c75d312c2d32e.tar.gz
cowboy-07ef3c32d71cd52ea46d0469ff8c75d312c2d32e.tar.bz2
cowboy-07ef3c32d71cd52ea46d0469ff8c75d312c2d32e.zip
Reply with 400 on if*-match parsing crash
-rw-r--r--src/cowboy_http.erl4
-rw-r--r--src/cowboy_rest.erl16
2 files changed, 15 insertions, 5 deletions
diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl
index 1cf73bf..d616f73 100644
--- a/src/cowboy_http.erl
+++ b/src/cowboy_http.erl
@@ -668,7 +668,9 @@ token(<< C, Rest/binary >>, Fun, Case, Acc) ->
-spec quoted_string(binary(), fun()) -> any().
quoted_string(<< $", Rest/binary >>, Fun) ->
- quoted_string(Rest, Fun, <<>>).
+ quoted_string(Rest, Fun, <<>>);
+quoted_string(_, _Fun) ->
+ {error, badarg}.
-spec quoted_string(binary(), fun(), binary()) -> any().
quoted_string(<<>>, _Fun, _Acc) ->
diff --git a/src/cowboy_rest.erl b/src/cowboy_rest.erl
index f779612..4e5ca25 100644
--- a/src/cowboy_rest.erl
+++ b/src/cowboy_rest.erl
@@ -523,13 +523,17 @@ resource_exists(Req, State) ->
if_match_exists(Req, State) ->
State2 = State#state{exists=true},
- case cowboy_req:parse_header(<<"if-match">>, Req) of
+ try cowboy_req:parse_header(<<"if-match">>, Req) of
{ok, undefined, Req2} ->
if_unmodified_since_exists(Req2, State2);
{ok, '*', Req2} ->
if_unmodified_since_exists(Req2, State2);
{ok, ETagsList, Req2} ->
- if_match(Req2, State2, ETagsList)
+ if_match(Req2, State2, ETagsList);
+ {error, badarg} ->
+ respond(Req, State2, 400)
+ catch Class:Reason ->
+ error_terminate(Req, State2, Class, Reason, if_match)
end.
if_match(Req, State, EtagsList) ->
@@ -573,13 +577,17 @@ if_unmodified_since(Req, State, IfUnmodifiedSince) ->
end.
if_none_match_exists(Req, State) ->
- case cowboy_req:parse_header(<<"if-none-match">>, Req) of
+ try cowboy_req:parse_header(<<"if-none-match">>, Req) of
{ok, undefined, Req2} ->
if_modified_since_exists(Req2, State);
{ok, '*', Req2} ->
precondition_is_head_get(Req2, State);
{ok, EtagsList, Req2} ->
- if_none_match(Req2, State, EtagsList)
+ if_none_match(Req2, State, EtagsList);
+ {error, badarg} ->
+ respond(Req, State, 400)
+ catch Class:Reason ->
+ error_terminate(Req, State, Class, Reason, if_none_match)
end.
if_none_match(Req, State, EtagsList) ->