summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorValentin Bartenev <vbart@nginx.com>2017-12-08 19:18:00 +0300
committerValentin Bartenev <vbart@nginx.com>2017-12-08 19:18:00 +0300
commit67d72d46f77771ddb7886e4ea83bb292802ea8d5 (patch)
treedae7e9986b20078ca9d2f259a7be66af1f5aebd5
parent20d720dfc57c16d18bc2db5e61955d3d964e0163 (diff)
downloadunit-67d72d46f77771ddb7886e4ea83bb292802ea8d5.tar.gz
unit-67d72d46f77771ddb7886e4ea83bb292802ea8d5.tar.bz2
HTTP parser: improved detection of corrupted request line.
Diffstat (limited to '')
-rw-r--r--src/nxt_http_parse.c44
1 files changed, 43 insertions, 1 deletions
diff --git a/src/nxt_http_parse.c b/src/nxt_http_parse.c
index d826c536..03662ef2 100644
--- a/src/nxt_http_parse.c
+++ b/src/nxt_http_parse.c
@@ -118,6 +118,10 @@ nxt_http_parse_target(u_char **pos, u_char *end)
p += 10;
}
+ while (p != end) {
+ nxt_target_test_char(*p); p++;
+ }
+
return NXT_HTTP_TARGET_AGAIN;
}
@@ -181,6 +185,10 @@ nxt_http_parse_request_line(nxt_http_request_parse_t *rp, u_char **pos,
p += 8;
}
+ while (p != end) {
+ nxt_method_test_char(*p); p++;
+ }
+
return NXT_AGAIN;
method_unusual_char:
@@ -316,7 +324,41 @@ rest_of_target:
space_after_target:
if (nxt_slow_path(end - p < 10)) {
- return NXT_AGAIN;
+
+ do {
+ p++;
+
+ if (p == end) {
+ return NXT_AGAIN;
+ }
+
+ } while (*p == ' ');
+
+ if (nxt_memcmp(p, "HTTP/", nxt_min(end - p, 5)) == 0) {
+
+ switch (end - p) {
+ case 8:
+ if (p[7] < '0' || p[7] > '9') {
+ break;
+ }
+ /* Fall through. */
+ case 7:
+ if (p[6] != '.') {
+ break;
+ }
+ /* Fall through. */
+ case 6:
+ if (p[5] < '0' || p[5] > '9') {
+ break;
+ }
+ /* Fall through. */
+ default:
+ return NXT_AGAIN;
+ }
+ }
+
+ rp->space_in_target = 1;
+ goto rest_of_target;
}
/* " HTTP/1.1\r\n" or " HTTP/1.1\n" */