From cea3593337b0f57cd6e7a199eddc5be79f6d9b08 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 13 Dec 2016 15:56:36 +0100
Subject: inets: httpc - Prevent hanging user process

Input should be checked and httpc_handler process shall terminate
gracefully on errors so that user process will in hang in gen_server:call.
---
 lib/inets/src/http_client/httpc.erl | 45 ++++++++++++++++++++++++-------------
 1 file changed, 30 insertions(+), 15 deletions(-)

(limited to 'lib/inets/src/http_client/httpc.erl')

diff --git a/lib/inets/src/http_client/httpc.erl b/lib/inets/src/http_client/httpc.erl
index e857fc04d3..bd5f6df39e 100644
--- a/lib/inets/src/http_client/httpc.erl
+++ b/lib/inets/src/http_client/httpc.erl
@@ -146,6 +146,26 @@ request(Url, Profile) ->
 request(Method, Request, HttpOptions, Options) ->
     request(Method, Request, HttpOptions, Options, default_profile()). 
 
+request(Method, 
+	{Url, Headers, ContentType, TupleBody}, 
+	HTTPOptions, Options, Profile) 
+  when ((Method =:= post) orelse (Method =:= patch) orelse (Method =:= put) orelse (Method =:= delete)) 
+       andalso (is_atom(Profile) orelse is_pid(Profile)) andalso
+       is_list(ContentType)  andalso is_tuple(TupleBody)->
+    case check_body_gen(TupleBody) of
+	ok ->
+	    do_request(Method, {Url, Headers, ContentType, TupleBody}, HTTPOptions, Options, Profile);
+	Error ->
+	    Error
+    end;
+request(Method, 
+	{Url, Headers, ContentType, Body}, 
+	HTTPOptions, Options, Profile) 
+  when ((Method =:= post) orelse (Method =:= patch) orelse (Method =:= put) orelse (Method =:= delete)) 
+       andalso (is_atom(Profile) orelse is_pid(Profile)) andalso
+       is_list(ContentType) andalso (is_list(Body) orelse is_binary(Body)) ->
+    do_request(Method, {Url, Headers, ContentType, Body}, HTTPOptions, Options, Profile);
+
 request(Method, 
 	{Url, Headers}, 
 	HTTPOptions, Options, Profile) 
@@ -166,21 +186,9 @@ request(Method,
 		    handle_request(Method, Url, ParsedUrl, Headers, [], [], 
 				   HTTPOptions, Options, Profile)
 	    end
-    end;
-     
-request(Method, 
-	{Url, Headers, ContentType, Body}, 
-	HTTPOptions, Options, Profile) 
-  when ((Method =:= post) orelse (Method =:= patch) orelse (Method =:= put) orelse
-	(Method =:= delete)) andalso (is_atom(Profile) orelse is_pid(Profile)) ->
-    ?hcrt("request", [{method,       Method}, 
-		      {url,          Url},
-		      {headers,      Headers}, 
-		      {content_type, ContentType}, 
-		      {body,         Body}, 
-		      {http_options, HTTPOptions}, 
-		      {options,      Options}, 
-		      {profile,      Profile}]),
+    end.
+
+do_request(Method, {Url, Headers, ContentType, Body}, HTTPOptions, Options, Profile) ->
     case uri_parse(Url, Options) of
 	{error, Reason} ->
 	    {error, Reason};
@@ -1225,3 +1233,10 @@ host_address(Host, false) ->
     Host;
 host_address(Host, true) ->
     string:strip(string:strip(Host, right, $]), left, $[).
+
+check_body_gen({Fun, _}) when is_function(Fun) -> 
+    ok;
+check_body_gen({chunkify, Fun, _}) when is_function(Fun) -> 
+    ok;
+check_body_gen(Gen) -> 
+    {error, {bad_body_generator, Gen}}.
-- 
cgit v1.2.3