[GNUnet-SVN] [gnurl] 86/150: http: fix the max header length detection l
From: gnunet
Subject: [GNUnet-SVN] [gnurl] 86/150: http: fix the max header length detection logic
Date: Fri, 30 Mar 2018 16:49:00 +0200
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 03370fa5a0ac5c1deae4315f01f19e9f1bc53662
Author: Daniel Stenberg <address@hidden>
AuthorDate: Fri Feb 16 09:49:33 2018 +0100
http: fix the max header length detection logic
Previously, it would only check for max length if the existing alloc
buffer was too small to fit it, which often would make the header still
get used.
Reported-by: Guido Berhoerster
Bug: https://curl.haxx.se/mail/lib-2018-02/0056.html
Closes #2315
---
lib/http.c | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/lib/http.c b/lib/http.c
index f44b18ae9..c1c7b3908 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2880,20 +2880,19 @@ static CURLcode header_append(struct Curl_easy *data,
struct SingleRequest *k,
size_t length)
{
- if(k->hbuflen + length >= data->state.headersize) {
+ size_t newsize = k->hbuflen + length;
+ if(newsize > CURL_MAX_HTTP_HEADER) {
+ /* The reason to have a max limit for this is to avoid the risk of a bad
+ server feeding libcurl with a never-ending header that will cause
+ reallocs infinitely */
+ failf(data, "Rejected %zd bytes header (max is %d)!", newsize,
+ CURL_MAX_HTTP_HEADER);
+ return CURLE_OUT_OF_MEMORY;
+ }
+ if(newsize >= data->state.headersize) {
/* We enlarge the header buffer as it is too small */
char *newbuff;
size_t hbufp_index;
- size_t newsize;
-
- if(k->hbuflen + length > CURL_MAX_HTTP_HEADER) {
- /* The reason to have a max limit for this is to avoid the risk of a bad
- server feeding libcurl with a never-ending header that will cause
- reallocs infinitely */
- failf(data, "Avoided giant realloc for header (max is %d)!",
- CURL_MAX_HTTP_HEADER);
- return CURLE_OUT_OF_MEMORY;
- }
newsize = CURLMAX((k->hbuflen + length) * 3 / 2, data->state.headersize*2);
hbufp_index = k->hbufp - data->state.headerbuff;
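Review bot: the new failf() call formats newsize, which is declared size_t, with %zd, the signed conversion; use %zu so the rejected size is reported correctly and format-checking compilers stay quiet. The rejection still returns CURLE_OUT_OF_MEMORY, so a caller cannot tell a header refused by the CURL_MAX_HTTP_HEADER limit from a real allocation failure; a short comment on that choice, or a distinct error code, would help anyone triaging an oversized-header response from a hostile server. In the unchanged context below the check, the growth computation still spells out (k->hbuflen + length) * 3 / 2 even though newsize now holds that sum at that point, so it could read newsize * 3 / 2 and keep the two from drifting apart. No test accompanies the change; a case where the header buffer is already large enough but the accumulated header exceeds the limit would cover exactly the path the commit message says was missed.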