From ee3fd715255a865b80532ad1cf88e51a8a4147ba Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 16 May 2014 14:46:13 +0200
Subject: inets: httpd - Behave well on not so long but wrong request lines

---
 lib/inets/src/http_server/httpd_request.erl         | 16 ++++++++++++++--
 lib/inets/src/http_server/httpd_request_handler.erl |  5 +++++
 2 files changed, 19 insertions(+), 2 deletions(-)

(limited to 'lib/inets/src')

diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl
index 68e7c16702..712c73599f 100644
--- a/lib/inets/src/http_server/httpd_request.erl
+++ b/lib/inets/src/http_server/httpd_request.erl
@@ -107,8 +107,12 @@ validate("POST", Uri, "HTTP/1." ++ _N) ->
 validate("TRACE", Uri, "HTTP/1." ++ N) when hd(N) >= $1 ->
     validate_uri(Uri);
 validate(Method, Uri, Version) ->
-    {error, {not_supported, {Method, Uri, Version}}}.
-
+    case validate_version(Version) of
+	true ->
+	    {error, {not_supported, {Method, Uri, Version}}};
+	false ->
+	    {error, {bad_version, Version}}
+    end.
 %%----------------------------------------------------------------------
 %% The request is passed through the server as a record of type mod 
 %% create it.
@@ -296,6 +300,14 @@ validate_path([".." | Rest], N, RequestURI) ->
 validate_path([_ | Rest], N, RequestURI) ->
     validate_path(Rest, N + 1, RequestURI).
 
+validate_version("HTTP/1.1") ->
+    true;
+validate_version("HTTP/1.0") ->
+    true;
+validate_version("HTTP/0.9") ->
+    true;
+validate_version(_) ->
+    false.
 %%----------------------------------------------------------------------
 %% There are 3 possible forms of the reuqest URI 
 %%
diff --git a/lib/inets/src/http_server/httpd_request_handler.erl b/lib/inets/src/http_server/httpd_request_handler.erl
index 8dcfec570a..b3c9cbc46a 100644
--- a/lib/inets/src/http_server/httpd_request_handler.erl
+++ b/lib/inets/src/http_server/httpd_request_handler.erl
@@ -375,6 +375,11 @@ handle_http_msg({Method, Uri, Version, {RecordHeaders, Headers}, Body},
 				       400, URI),
 	    Reason = io_lib:format("Malformed syntax in URI: ~p~n", [URI]),
 	    error_log(Reason, ModData),
+	    {stop, normal, State#state{response_sent = true}};
+	{error, {bad_version, Ver}} ->
+	    httpd_response:send_status(ModData#mod{http_version = "HTTP/0.9"}, 400, Ver),
+	    Reason = io_lib:format("Malformed syntax version: ~p~n", [Ver]),
+	    error_log(Reason, ModData),
 	    {stop, normal, State#state{response_sent = true}}
     end;
 handle_http_msg({ChunkedHeaders, Body}, 
-- 
cgit v1.2.3