From b1e1dd967a4f929a239f8d26829304c03d43dcf9 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 12 May 2015 17:41:26 +0200 Subject: inets: reject negative content-length --- lib/inets/src/http_server/httpd_request.erl | 8 ++++++-- lib/inets/vsn.mk | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/inets') diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl index 6985065c3e..3ff07616f9 100644 --- a/lib/inets/src/http_server/httpd_request.erl +++ b/lib/inets/src/http_server/httpd_request.erl @@ -417,8 +417,12 @@ check_header({"content-length", Value}, Maxsizes) -> case length(Value) =< MaxLen of true -> try - _ = list_to_integer(Value), - ok + list_to_integer(Value) + of + I when I>= 0 -> + ok; + _ -> + {error, {size_error, Max, 411, "negative content-length"}} catch _:_ -> {error, {size_error, Max, 411, "content-length not an integer"}} end; diff --git a/lib/inets/vsn.mk b/lib/inets/vsn.mk index e9ecb2632a..ecb84e447c 100644 --- a/lib/inets/vsn.mk +++ b/lib/inets/vsn.mk @@ -18,6 +18,6 @@ # %CopyrightEnd% APPLICATION = inets -INETS_VSN = 5.10.7 +INETS_VSN = 5.10.8 PRE_VSN = APP_VSN = "$(APPLICATION)-$(INETS_VSN)$(PRE_VSN)" -- cgit v1.2.3 From ba0608d66d7b66d9108f79afd3c7c23b0ba06194 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 18 May 2015 09:55:10 +0200 Subject: Update release notes --- lib/inets/doc/src/notes.xml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'lib/inets') diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml index 12bbc2b736..bae8e327a3 100644 --- a/lib/inets/doc/src/notes.xml +++ b/lib/inets/doc/src/notes.xml @@ -32,7 +32,22 @@ notes.xml -
Inets 5.10.7 +
Inets 5.10.8 + +
Fixed Bugs and Malfunctions + + +

+ Reject messages with a Content-Length less than 0

+

+ Own Id: OTP-12739 Aux Id: seq12860

+ + +
+ +
+ +
Inets 5.10.7
Improvements and New Features -- cgit v1.2.3