diff options
author | Valentin Bartenev <vbart@nginx.com> | 2017-12-08 19:18:00 +0300 |
---|---|---|
committer | Valentin Bartenev <vbart@nginx.com> | 2017-12-08 19:18:00 +0300 |
commit | 67d72d46f77771ddb7886e4ea83bb292802ea8d5 (patch) | |
tree | dae7e9986b20078ca9d2f259a7be66af1f5aebd5 | |
parent | 20d720dfc57c16d18bc2db5e61955d3d964e0163 (diff) | |
download | unit-67d72d46f77771ddb7886e4ea83bb292802ea8d5.tar.gz unit-67d72d46f77771ddb7886e4ea83bb292802ea8d5.tar.bz2 |
HTTP parser: improved detection of corrupted request line.
-rw-r--r-- | src/nxt_http_parse.c | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/src/nxt_http_parse.c b/src/nxt_http_parse.c index d826c536..03662ef2 100644 --- a/src/nxt_http_parse.c +++ b/src/nxt_http_parse.c @@ -118,6 +118,10 @@ nxt_http_parse_target(u_char **pos, u_char *end) p += 10; } + while (p != end) { + nxt_target_test_char(*p); p++; + } + return NXT_HTTP_TARGET_AGAIN; } @@ -181,6 +185,10 @@ nxt_http_parse_request_line(nxt_http_request_parse_t *rp, u_char **pos, p += 8; } + while (p != end) { + nxt_method_test_char(*p); p++; + } + return NXT_AGAIN; method_unusual_char: @@ -316,7 +324,41 @@ rest_of_target: space_after_target: if (nxt_slow_path(end - p < 10)) { - return NXT_AGAIN; + + do { + p++; + + if (p == end) { + return NXT_AGAIN; + } + + } while (*p == ' '); + + if (nxt_memcmp(p, "HTTP/", nxt_min(end - p, 5)) == 0) { + + switch (end - p) { + case 8: + if (p[7] < '0' || p[7] > '9') { + break; + } + /* Fall through. */ + case 7: + if (p[6] != '.') { + break; + } + /* Fall through. */ + case 6: + if (p[5] < '0' || p[5] > '9') { + break; + } + /* Fall through. */ + default: + return NXT_AGAIN; + } + } + + rp->space_in_target = 1; + goto rest_of_target; } /* " HTTP/1.1\r\n" or " HTTP/1.1\n" */ |