diff options
| author | Ingela Anderton Andin <[email protected]> | 2015-01-27 17:00:28 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2015-01-29 15:50:44 +0100 |
| commit | 4eeeca1538afecc294e04c50c5f6a4551eced9ec (patch) | |
| tree | 612c0a7cf76a5beccbf015a388437435cace8bd1 /lib/inets/src/http_server/httpd_conf.erl | |
| parent | af87b1c3d4897840d8247589a88d3611106ecedc (diff) | |
| download | otp-4eeeca1538afecc294e04c50c5f6a4551eced9ec.tar.gz otp-4eeeca1538afecc294e04c50c5f6a4551eced9ec.tar.bz2 otp-4eeeca1538afecc294e04c50c5f6a4551eced9ec.zip | |
inets: httpd - Sanity check of content-length header
Gracefully handle invalid content-lenght headers instead of
crashing in list_to_integer.
Diffstat (limited to 'lib/inets/src/http_server/httpd_conf.erl')
| -rw-r--r-- | lib/inets/src/http_server/httpd_conf.erl | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/lib/inets/src/http_server/httpd_conf.erl b/lib/inets/src/http_server/httpd_conf.erl index 27446ca7fe..fa639b0a1c 100644 --- a/lib/inets/src/http_server/httpd_conf.erl +++ b/lib/inets/src/http_server/httpd_conf.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1997-2013. All Rights Reserved. +%% Copyright Ericsson AB 1997-2015. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -205,13 +205,13 @@ load("MaxURISize " ++ MaxHeaderSize, []) -> " is an invalid number of MaxHeaderSize")} end; -load("MaxBodySize " ++ MaxBodySize, []) -> - case make_integer(MaxBodySize) of +load("MaxContentLength " ++ Max, []) -> + case make_integer(Max) of {ok, Integer} -> - {ok, [], {max_body_size,Integer}}; + {ok, [], {max_content_length, Integer}}; {error, _} -> - {error, ?NICE(clean(MaxBodySize) ++ - " is an invalid number of MaxBodySize")} + {error, ?NICE(clean(Max) ++ + " is an invalid number of MaxContentLength")} end; load("ServerName " ++ ServerName, []) -> @@ -569,6 +569,12 @@ validate_config_params([{max_body_size, Value} | Rest]) validate_config_params([{max_body_size, Value} | _]) -> throw({max_body_size, Value}); +validate_config_params([{max_content_length, Value} | Rest]) + when is_integer(Value) andalso (Value > 0) -> + validate_config_params(Rest); +validate_config_params([{max_content_length, Value} | _]) -> + throw({max_content_length, Value}); + validate_config_params([{server_name, Value} | Rest]) when is_list(Value) -> validate_config_params(Rest); @@ -635,7 +641,7 @@ validate_config_params([{max_keep_alive_request, Value} | Rest]) when is_integer(Value) andalso (Value > 0) -> validate_config_params(Rest); validate_config_params([{max_keep_alive_request, Value} | _]) -> - throw({max_header_size, Value}); + throw({max_keep_alive_request, Value}); validate_config_params([{keep_alive_timeout, Value} | Rest]) when is_integer(Value) andalso (Value >= 0) -> |