diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-06-17 20:11:32 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-06-22 20:58:43 +0300 |
commit | c4246b5251bb8ee45ca66b4d24597fa26762d729 (patch) | |
tree | 33bfb4763529c15f7ed0393d86f23982f11b19cf | |
parent | a5af7f737931d4ab4f64977d9a029a326f178f37 (diff) | |
download | libmicrohttpd-c4246b5251bb8ee45ca66b4d24597fa26762d729.tar.gz libmicrohttpd-c4246b5251bb8ee45ca66b4d24597fa26762d729.zip |
Added tracking of the request URL length.
URL may have binary zeros after url-decoding, the length helps to detect
such situations.
-rw-r--r-- | src/microhttpd/connection.c | 14 | ||||
-rw-r--r-- | src/microhttpd/internal.h | 5 |
2 files changed, 16 insertions, 3 deletions
diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c index 463fc88e..9068ee08 100644 --- a/src/microhttpd/connection.c +++ b/src/microhttpd/connection.c | |||
@@ -2427,6 +2427,7 @@ transmit_error_response_len (struct MHD_Connection *connection, | |||
2427 | connection->version = NULL; | 2427 | connection->version = NULL; |
2428 | connection->method = NULL; | 2428 | connection->method = NULL; |
2429 | connection->url = NULL; | 2429 | connection->url = NULL; |
2430 | connection->url_len = 0; | ||
2430 | connection->last = NULL; | 2431 | connection->last = NULL; |
2431 | connection->colon = NULL; | 2432 | connection->colon = NULL; |
2432 | connection->headers_received = NULL; | 2433 | connection->headers_received = NULL; |
@@ -3366,9 +3367,15 @@ parse_initial_message_line (struct MHD_Connection *connection, | |||
3366 | 3367 | ||
3367 | /* unescape URI *after* searching for arguments and log callback */ | 3368 | /* unescape URI *after* searching for arguments and log callback */ |
3368 | if (NULL != uri) | 3369 | if (NULL != uri) |
3369 | daemon->unescape_callback (daemon->unescape_callback_cls, | 3370 | { |
3370 | connection, | 3371 | connection->url_len = |
3371 | uri); | 3372 | daemon->unescape_callback (daemon->unescape_callback_cls, |
3373 | connection, | ||
3374 | uri); | ||
3375 | } | ||
3376 | else | ||
3377 | connection->url_len = 0; | ||
3378 | |||
3372 | connection->url = curi; | 3379 | connection->url = curi; |
3373 | return MHD_YES; | 3380 | return MHD_YES; |
3374 | } | 3381 | } |
@@ -4755,6 +4762,7 @@ connection_reset (struct MHD_Connection *connection, | |||
4755 | c->method = NULL; | 4762 | c->method = NULL; |
4756 | c->http_mthd = MHD_HTTP_MTHD_NO_METHOD; | 4763 | c->http_mthd = MHD_HTTP_MTHD_NO_METHOD; |
4757 | c->url = NULL; | 4764 | c->url = NULL; |
4765 | c->url_len = 0; | ||
4758 | memset (&c->rp_props, 0, sizeof(c->rp_props)); | 4766 | memset (&c->rp_props, 0, sizeof(c->rp_props)); |
4759 | c->write_buffer = NULL; | 4767 | c->write_buffer = NULL; |
4760 | c->write_buffer_size = 0; | 4768 | c->write_buffer_size = 0; |
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h index 1fbb6e65..6906e1bb 100644 --- a/src/microhttpd/internal.h +++ b/src/microhttpd/internal.h | |||
@@ -1034,6 +1034,11 @@ struct MHD_Connection | |||
1034 | const char *url; | 1034 | const char *url; |
1035 | 1035 | ||
1036 | /** | 1036 | /** |
1037 | * The length of the @a url in characters, not including the terminating zero. | ||
1038 | */ | ||
1039 | size_t url_len; | ||
1040 | |||
1041 | /** | ||
1037 | * HTTP version string (i.e. http/1.1). Allocated | 1042 | * HTTP version string (i.e. http/1.1). Allocated |
1038 | * in pool. | 1043 | * in pool. |
1039 | */ | 1044 | */ |