diff options
author | Hans Nilsson <[email protected]> | 2015-05-12 17:41:26 +0200 |
---|---|---|
committer | Hans Nilsson <[email protected]> | 2015-05-12 17:43:35 +0200 |
commit | b1e1dd967a4f929a239f8d26829304c03d43dcf9 (patch) | |
tree | 9bd9990bb4417dc5ad3cafce3fa083b325a53405 /lib/inets/src/http_server/httpd_request.erl | |
parent | efbfe9602983ff451b864e557bdf3733222b78ba (diff) | |
download | otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.gz otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.bz2 otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.zip |
inets: reject negative content-length
Diffstat (limited to 'lib/inets/src/http_server/httpd_request.erl')
-rw-r--r-- | lib/inets/src/http_server/httpd_request.erl | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl index 6985065c3e..3ff07616f9 100644 --- a/lib/inets/src/http_server/httpd_request.erl +++ b/lib/inets/src/http_server/httpd_request.erl @@ -417,8 +417,12 @@ check_header({"content-length", Value}, Maxsizes) -> case length(Value) =< MaxLen of true -> try - _ = list_to_integer(Value), - ok + list_to_integer(Value) + of + I when I>= 0 -> + ok; + _ -> + {error, {size_error, Max, 411, "negative content-length"}} catch _:_ -> {error, {size_error, Max, 411, "content-length not an integer"}} end; |