diff options
| author | luigi1111 <luigi1111w@gmail.com> | 2018-05-31 14:54:55 -0500 |
|---|---|---|
| committer | luigi1111 <luigi1111w@gmail.com> | 2018-05-31 14:54:55 -0500 |
| commit | 8a7b3ff13858c5d879530c99de5c723c88429342 (patch) | |
| tree | 985ab3b201002a86714731fe080b3c223f930bee /contrib/epee/include/net/http_protocol_handler.inl | |
| parent | Merge pull request #3640 (diff) | |
| parent | http_protocol_handler: limit the number of starting newlines (diff) | |
| download | monero-8a7b3ff13858c5d879530c99de5c723c88429342.tar.xz | |
Merge pull request #3866
6a58c88 console_handler: fix start_default_console use of prompt parameter (moneromooo-monero)
885a117 http_protocol_handler: speedup newline discarding (moneromooo-monero)
4d15864 abstract_tcp_server2: timeout on RPC connections (moneromooo-monero)
dfd36bb http_protocol_handler: limit the number of starting newlines (moneromooo-monero)
Diffstat (limited to 'contrib/epee/include/net/http_protocol_handler.inl')
| -rw-r--r-- | contrib/epee/include/net/http_protocol_handler.inl | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/contrib/epee/include/net/http_protocol_handler.inl b/contrib/epee/include/net/http_protocol_handler.inl index c18f7f706..f1da5067a 100644 --- a/contrib/epee/include/net/http_protocol_handler.inl +++ b/contrib/epee/include/net/http_protocol_handler.inl @@ -38,6 +38,7 @@ #define HTTP_MAX_URI_LEN 9000 #define HTTP_MAX_HEADER_LEN 100000 +#define HTTP_MAX_STARTING_NEWLINES 8 namespace epee { @@ -203,6 +204,7 @@ namespace net_utils m_len_remain(0), m_config(config), m_want_close(false), + m_newlines(0), m_psnd_hndlr(psnd_hndlr) { @@ -216,6 +218,7 @@ namespace net_utils m_body_transfer_type = http_body_transfer_undefined; m_query_info.clear(); m_len_summary = 0; + m_newlines = 0; return true; } //-------------------------------------------------------------------------------------------- @@ -236,6 +239,8 @@ namespace net_utils bool simple_http_connection_handler<t_connection_context>::handle_buff_in(std::string& buf) { + size_t ndel; + if(m_cache.size()) m_cache += buf; else @@ -253,11 +258,19 @@ namespace net_utils break; //check_and_handle_fake_response(); - if((m_cache[0] == '\r' || m_cache[0] == '\n')) + ndel = m_cache.find_first_not_of("\r\n"); + if (ndel != 0) { //some times it could be that before query line cold be few line breaks //so we have to be calm without panic with assers - m_cache.erase(0, 1); + m_newlines += std::string::npos == ndel ? m_cache.size() : ndel; + if (m_newlines > HTTP_MAX_STARTING_NEWLINES) + { + LOG_ERROR("simple_http_connection_handler::handle_buff_out: Too many starting newlines"); + m_state = http_state_error; + return false; + } + m_cache.erase(0, ndel); break; } |