inets: reject negative content-length

author: Hans Nilsson <[email protected]> 2015-05-12 17:41:26 +0200
committer: Hans Nilsson <[email protected]> 2015-05-12 17:43:35 +0200
commit: b1e1dd967a4f929a239f8d26829304c03d43dcf9 (patch)
tree: 9bd9990bb4417dc5ad3cafce3fa083b325a53405 /lib/inets
parent: efbfe9602983ff451b864e557bdf3733222b78ba (diff)
download: otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.gz
otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.bz2
otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.zip
2 files changed, 7 insertions, 3 deletions
diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl
index 6985065c3e..3ff07616f9 100644
--- a/lib/inets/src/http_server/httpd_request.erl
+++ b/lib/inets/src/http_server/httpd_request.erl
@@ -417,8 +417,12 @@ check_header({"content-length", Value}, Maxsizes) ->
     case length(Value) =< MaxLen of
 	true ->
 	    try 
-		_ = list_to_integer(Value),
-		ok
+		list_to_integer(Value)
+	    of
+		I when I>= 0 ->
+		    ok;
+		_ ->
+		    {error, {size_error, Max, 411, "negative content-length"}}
 	    catch _:_ ->
 		    {error, {size_error, Max, 411, "content-length not an integer"}}
 	    end;
diff --git a/lib/inets/vsn.mk b/lib/inets/vsn.mk
index e9ecb2632a..ecb84e447c 100644
--- a/lib/inets/vsn.mk
+++ b/lib/inets/vsn.mk
@@ -18,6 +18,6 @@
 # %CopyrightEnd%
 
 APPLICATION = inets
-INETS_VSN   = 5.10.7
+INETS_VSN   = 5.10.8
 PRE_VSN     =
 APP_VSN     = "$(APPLICATION)-$(INETS_VSN)$(PRE_VSN)"
author	Hans Nilsson <[email protected]>	2015-05-12 17:41:26 +0200
committer	Hans Nilsson <[email protected]>	2015-05-12 17:43:35 +0200
commit	b1e1dd967a4f929a239f8d26829304c03d43dcf9 (patch)
tree	9bd9990bb4417dc5ad3cafce3fa083b325a53405 /lib/inets
parent	efbfe9602983ff451b864e557bdf3733222b78ba (diff)
download	otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.gz otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.tar.bz2 otp-b1e1dd967a4f929a239f8d26829304c03d43dcf9.zip