[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [bug #58754] httpd.c fix of incorrect null-termination of r
From: |
Alister Fisher |
Subject: |
[lwip-devel] [bug #58754] httpd.c fix of incorrect null-termination of request-headers and other improvements |
Date: |
Sun, 12 Jul 2020 01:23:16 -0400 (EDT) |
User-agent: |
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36 |
URL:
<https://savannah.nongnu.org/bugs/?58754>
Summary: httpd.c fix of incorrect null-termination of
request-headers and other improvements
Project: lwIP - A Lightweight TCP/IP stack
Submitted by: afisher
Submitted on: Sun 12 Jul 2020 05:23:15 AM UTC
Category: apps
Severity: 3 - Normal
Item Group: Change Request
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Planned Release: None
lwIP version: git head
_______________________________________________________
Details:
http_post_request incorrectly null-terminates the headers at the last header's
CRLF. That CRLF belongs to the last header and is necessary for header-value
searches. http_post_request itself uses a search of CRLF to find the
content-length header's value.
It should null-terminate at the empty-line that immediately follows it.
The improvements include
- Removed second search for request's empty-line.
- Search for headers from start of headers.
- Removed two impossible LWIP_MIN cases.
- Moved struct http_state and struct http_ssi_state to httpd_priv.h to
facilitate adding future features separate to httpd.c, e.g. websockets, which
was suggested by Simon Goldschmidt at
https://savannah.nongnu.org/patch/?9525.
- Removed unnecessary "+ 1" from httpd_req_buf's array definition and added 1
to LWIP_HTTPD_MAX_REQ_LENGTH's default definition.
- Moved http_remove_connection into http_state_eof. Reduces code size.
- Return ERR_ABRT from http_close_or_abort_conn if it calls altcp_abort. No
effect on execution. But more technically correct.
- Misc commenting.
The patch is to c385f31076b27efb8ee37f00cb5568783a58f299, the git head at the
time this bug was submitted.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Sun 12 Jul 2020 05:23:15 AM UTC Name:
0001-Fix-HTTP-server-null-termination-of-request-headers-.patch Size: 28KiB
By: afisher
<http://savannah.nongnu.org/bugs/download.php?file_id=49474>
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/bugs/?58754>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lwip-devel] [bug #58754] httpd.c fix of incorrect null-termination of request-headers and other improvements,
Alister Fisher <=