Dolda2000 GitWeb
/
ashd.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Imposed some limits on request parts.
[ashd.git]
/
src
/
htparser.c
diff --git
a/src/htparser.c
b/src/htparser.c
index
ceae319
..
1ed9175
100644
(file)
--- a/
src/htparser.c
+++ b/
src/htparser.c
@@
-77,6
+77,8
@@
static struct hthead *parsereq(FILE *in)
goto fail;
} else {
bufadd(method, c);
goto fail;
} else {
bufadd(method, c);
+ if(method.d >= 128)
+ goto fail;
}
}
while(1) {
}
}
while(1) {
@@
-87,6
+89,8
@@
static struct hthead *parsereq(FILE *in)
goto fail;
} else {
bufadd(url, c);
goto fail;
} else {
bufadd(url, c);
+ if(url.d >= 65536)
+ goto fail;
}
}
while(1) {
}
}
while(1) {
@@
-98,6
+102,8
@@
static struct hthead *parsereq(FILE *in)
goto fail;
} else {
bufadd(ver, c);
goto fail;
} else {
bufadd(ver, c);
+ if(ver.d >= 128)
+ goto fail;
}
}
bufadd(method, 0);
}
}
bufadd(method, 0);
@@
-499,7
+505,7
@@
int main(int argc, char **argv)
if(usesyslog)
opensyslog();
if(root) {
if(usesyslog)
opensyslog();
if(root) {
- if(chroot(root)) {
+ if(ch
dir(root) || ch
root(root)) {
flog(LOG_ERR, "could not chroot to %s: %s", root, strerror(errno));
exit(1);
}
flog(LOG_ERR, "could not chroot to %s: %s", root, strerror(errno));
exit(1);
}