aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/src/http_server
diff options
context:
space:
mode:
authorHans Nilsson <[email protected]>2015-05-12 17:41:26 +0200
committerHans Nilsson <[email protected]>2015-05-12 17:43:35 +0200
commitb1e1dd967a4f929a239f8d26829304c03d43dcf9 (patch)
tree9bd9990bb4417dc5ad3cafce3fa083b325a53405 /lib/inets/src/http_server
parentefbfe9602983ff451b864e557bdf3733222b78ba (diff)
downloadotp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.gz
otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.bz2
otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.zip
inets: reject negative content-length
Diffstat (limited to 'lib/inets/src/http_server')
-rw-r--r--lib/inets/src/http_server/httpd_request.erl8
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl
index 6985065c3e..3ff07616f9 100644
--- a/lib/inets/src/http_server/httpd_request.erl
+++ b/lib/inets/src/http_server/httpd_request.erl
@@ -417,8 +417,12 @@ check_header({"content-length", Value}, Maxsizes) ->
case length(Value) =< MaxLen of
true ->
try
- _ = list_to_integer(Value),
- ok
+ list_to_integer(Value)
+ of
+ I when I>= 0 ->
+ ok;
+ _ ->
+ {error, {size_error, Max, 411, "negative content-length"}}
catch _:_ ->
{error, {size_error, Max, 411, "content-length not an integer"}}
end;