From e60c63aff64e87843ab9ab314c370f8017b7e931 Mon Sep 17 00:00:00 2001
From: "Evgeny Grin (Karlson2k)"
Date: Mon, 19 Dec 2022 18:32:12 +0300
Subject: Always close connection after reply if both Content-Length and chucked are used

When both headers are used, the real length of the request may not be determined unambiguously, the start of the next request is unclear.
---
 src/microhttpd/connection.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c
index 16c5fb93..e6c93f25 100644
--- a/src/microhttpd/connection.c
+++ b/src/microhttpd/connection.c
@@ -3953,15 +3953,17 @@ parse_connection_headers (struct MHD_Connection *connection)
 REQUEST_LENGTH_WITH_TR_ENCODING);
 return;
 }
-#ifdef HAVE_MESSAGES
 else
 {
+ /* Must close connection after reply to prevent potential attack */
+ connection->keepalive = MHD_CONN_MUST_CLOSE;
+#ifdef HAVE_MESSAGES
 MHD_DLOG (connection->daemon,
 _ ("The 'Content-Length' request header is ignored "
 "as chunked Transfer-Encoding is used "
 "for this request.\n"));
- }
 #endif /* HAVE_MESSAGES */
+ }
 }
 connection->rq.have_chunked_upload = true;
 connection->rq.remaining_upload_size = MHD_SIZE_UNKNOWN;
--
cgit v1.2.3
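Review bot: The new comment in the `else` branch says only "to prevent potential attack", which does not tell a later maintainer why the forced close must stay. I would name the risk and the rule behind it, e.g. `/* Content-Length together with chunked encoding makes the request boundary ambiguous (request smuggling); RFC 9112 section 6.1 requires closing the connection after the reply */`. The log text under `HAVE_MESSAGES` still reports only that 'Content-Length' is ignored; stating there that the connection will be closed after the reply would help operators tie unexpected closes to this condition. Whether later keep-alive decisions can override `MHD_CONN_MUST_CLOSE` is not visible here, since `parse_connection_headers` starts and ends outside the hunk, so that is worth confirming with a test that sends both headers on a keep-alive connection.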