From 0fad6c6fde3ec12ef6b3cf59a3acb42d1c4c7d6b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= <essen@dev-extend.eu>
Date: Thu, 7 Apr 2011 00:54:32 +0200
Subject: Don't crash on errors while receiving headers; throw an error 500
 instead.

The server shouldn't crash the request process when we have an error
while receiving headers. A case where this could happen is if the header
line is too long.

See also bfrog's report on ticket #3 on github.
---
 src/cowboy_http_protocol.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/cowboy_http_protocol.erl b/src/cowboy_http_protocol.erl
index e345418..36150b6 100644
--- a/src/cowboy_http_protocol.erl
+++ b/src/cowboy_http_protocol.erl
@@ -128,7 +128,9 @@ header({http_header, _I, Field, _R, Value}, Req, State) ->
 header(http_eoh, #http_req{host=undefined}, State) ->
 	error_terminate(400, State);
 header(http_eoh, Req, State) ->
-	handler_init(Req, State).
+	handler_init(Req, State);
+header({http_error, _String}, _Req, State) ->
+	error_terminate(500, State).
 
 -spec handler_init(Req::#http_req{}, State::#state{}) -> ok.
 handler_init(Req, State=#state{
-- 
cgit v1.2.3