[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [libmicrohttpd] branch master updated: enforce RFC 7230 no-
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [libmicrohttpd] branch master updated: enforce RFC 7230 no-whitespace in header field name rule if MHD_USE_PEDANTIC_CHECKS is set |
|
Date: |
Sun, 23 Apr 2017 20:07:13 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository libmicrohttpd.
The following commit(s) were added to refs/heads/master by this push:
new e95ec487 enforce RFC 7230 no-whitespace in header field name rule if
MHD_USE_PEDANTIC_CHECKS is set
e95ec487 is described below
commit e95ec4874da57b153ecea27fa553ae8a19b4a280
Author: Christian Grothoff <address@hidden>
AuthorDate: Sun Apr 23 20:07:10 2017 +0200
enforce RFC 7230 no-whitespace in header field name rule if
MHD_USE_PEDANTIC_CHECKS is set
---
ChangeLog | 4 ++++
src/examples/minimal_example.c | 2 +-
src/microhttpd/connection.c | 16 ++++++++++++++++
src/microhttpd/digestauth.c | 2 +-
4 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b47afd26..c4b8e52b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sun Apr 23 20:05:44 CEST 2017
+ Enforce RFC 7230's rule on no whitespace in HTTP header
+ field names if MHD_USE_PEDANTIC_CHECKS is set. -CG
+
Sun Apr 23 19:20:33 CEST 2017
Replace remaining occurences of sprintf() with
MHD_snprintf_(). Thanks to Ram for pointing this out. -CG
diff --git a/src/examples/minimal_example.c b/src/examples/minimal_example.c
index b6e5edc3..c5796fc8 100644
--- a/src/examples/minimal_example.c
+++ b/src/examples/minimal_example.c
@@ -68,7 +68,7 @@ main (int argc, char *const *argv)
return 1;
}
d = MHD_start_daemon (// MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_ERROR_LOG,
- MHD_USE_AUTO | MHD_USE_INTERNAL_POLLING_THREAD |
MHD_USE_ERROR_LOG,
+ MHD_USE_AUTO | MHD_USE_INTERNAL_POLLING_THREAD |
MHD_USE_PEDANTIC_CHECKS | MHD_USE_ERROR_LOG,
// MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_ERROR_LOG
| MHD_USE_POLL,
// MHD_USE_THREAD_PER_CONNECTION |
MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_ERROR_LOG | MHD_USE_POLL,
// MHD_USE_THREAD_PER_CONNECTION |
MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_ERROR_LOG,
diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c
index da54bf1a..cbac8447 100644
--- a/src/microhttpd/connection.c
+++ b/src/microhttpd/connection.c
@@ -2213,6 +2213,22 @@ process_header_line (struct MHD_Connection *connection,
_("Received malformed line (no colon). Closing
connection.\n"));
return MHD_NO;
}
+ if (0 != (MHD_USE_PEDANTIC_CHECKS & connection->daemon->options))
+ {
+ /* check for whitespace before colon, which is not allowed
+ by RFC 7230 section 3.2.4; we count space ' ' and
+ tab '\t', but not '\r\n' as those would have ended the line. */
+ const char *white;
+
+ white = strchr (line, ' ');
+ if ( (NULL != white) &&
+ (white < colon) )
+ return MHD_NO;
+ white = strchr (line, '\t');
+ if ( (NULL != white) &&
+ (white < colon) )
+ return MHD_NO;
+ }
/* zero-terminate header */
colon[0] = '\0';
colon++; /* advance to value */
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 8b219296..7ade4542 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -413,7 +413,7 @@ check_nonce_nc (struct MHD_Connection *connection,
{
/* Fresh nonce, reinitialize array */
strcpy (nn->nonce,
- nonce);
+ nonce);
nn->nc = 0;
nn->nmask = 0;
MHD_mutex_unlock_chk_ (&daemon->nnc_lock);
--
To stop receiving notification emails like this one, please contact
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [libmicrohttpd] branch master updated: enforce RFC 7230 no-whitespace in header field name rule if MHD_USE_PEDANTIC_CHECKS is set,
gnunet <=