diff options
| author | Sverker Eriksson <[email protected]> | 2011-12-07 14:20:55 +0100 |
|---|---|---|
| committer | Sverker Eriksson <[email protected]> | 2011-12-07 14:20:55 +0100 |
| commit | f7241e210c333b088210a138c0880aa93d1f7780 (patch) | |
| tree | a8c4620af57b908468881864b48866f5c71500c5 /erts/emulator/beam | |
| parent | 2e5639155e153ba4869d7671d1a7becd5e07dc1a (diff) | |
| parent | dc5f7190f16cf4552db74fba3f4e0f2d654e2594 (diff) | |
| download | otp-f7241e210c333b088210a138c0880aa93d1f7780.tar.gz otp-f7241e210c333b088210a138c0880aa93d1f7780.tar.bz2 otp-f7241e210c333b088210a138c0880aa93d1f7780.zip | |
Merge branch 'sverk/packet_size-http/OTP-9389'
* sverk/packet_size-http/OTP-9389:
erts: Remove truncation of http packet parsing and return error instead
honor packet_size for http packet parsing to fix OTP-9389
Diffstat (limited to 'erts/emulator/beam')
| -rw-r--r-- | erts/emulator/beam/packet_parser.c | 43 |
1 files changed, 34 insertions, 9 deletions
diff --git a/erts/emulator/beam/packet_parser.c b/erts/emulator/beam/packet_parser.c index a66d60aa22..4d4b6ea196 100644 --- a/erts/emulator/beam/packet_parser.c +++ b/erts/emulator/beam/packet_parser.c @@ -301,7 +301,11 @@ int packet_get_length(enum PacketParseType htype, /* TCP_PB_LINE_LF: [Data ... \n] */ const char* ptr2; if ((ptr2 = memchr(ptr, '\n', n)) == NULL) { - if (n >= trunc_len && trunc_len!=0) { /* buffer full */ + if (n > max_plen && max_plen != 0) { /* packet full */ + DEBUGF((" => packet full (no NL)=%d\r\n", n)); + goto error; + } + else if (n >= trunc_len && trunc_len!=0) { /* buffer full */ DEBUGF((" => line buffer full (no NL)=%d\r\n", n)); return trunc_len; } @@ -309,6 +313,10 @@ int packet_get_length(enum PacketParseType htype, } else { int len = (ptr2 - ptr) + 1; /* including newline */ + if (len > max_plen && max_plen!=0) { + DEBUGF((" => packet_size %d exceeded\r\n", max_plen)); + goto error; + } if (len > trunc_len && trunc_len!=0) { DEBUGF((" => truncated line=%d\r\n", trunc_len)); return trunc_len; @@ -397,33 +405,50 @@ int packet_get_length(enum PacketParseType htype, const char* ptr1 = ptr; int len = plen; + if (!max_plen) { + /* This is for backward compatibility with old user of decode_packet + * that might use option 'line_length' to limit accepted length of + * http lines. + */ + max_plen = trunc_len; + } + while (1) { const char* ptr2 = memchr(ptr1, '\n', len); if (ptr2 == NULL) { - if (n >= trunc_len && trunc_len!=0) { /* buffer full */ - plen = trunc_len; - goto done; + if (max_plen != 0) { + if (n >= max_plen) /* packet full */ + goto error; } goto more; } else { plen = (ptr2 - ptr) + 1; - - if (*statep == 0) + + if (*statep == 0) { + if (max_plen != 0 && plen > max_plen) + goto error; goto done; - + } + if (plen < n) { if (SP(ptr2+1) && plen>2) { /* header field value continue on next line */ ptr1 = ptr2+1; len = n - plen; } - else + else { + if (max_plen != 0 && plen > max_plen) + goto error; goto done; + } } - else + else { + if (max_plen != 0 && plen > max_plen) + goto error; goto more; + } } } } |