htparser: Implemented resource limits for response headers as well.
authorFredrik Tolf <fredrik@dolda2000.com>
Sat, 30 Apr 2011 06:53:14 +0000 (08:53 +0200)
committerFredrik Tolf <fredrik@dolda2000.com>
Sat, 30 Apr 2011 06:53:14 +0000 (08:53 +0200)
src/htparser.c

index 1ed9175..ba76d01 100644 (file)
@@ -146,6 +146,8 @@ static struct hthead *parseresp(FILE *in)
            goto fail;
        } else {
            bufadd(ver, c);
+           if(ver.d >= 128)
+               goto fail;
        }
     }
     while(1) {
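Review bot: The limits `128` here, `10000` in the status-code loop and `512` in the reason-phrase loop are bare literals, with no comment saying what each one bounds or why that value was chosen. Giving them names (for example a suggested `#define MAXVERLEN 128`) with a one-line comment such as `/* upper bound on bytes accepted for the version token of a response status line */` would keep the three checks auditable and tunable in one place. All three also take the same `goto fail` path as a syntax error, so as far as these hunks show, a response rejected for size cannot be told apart from a malformed one. The `fail` label and the rest of parseresp are outside the hunk, so any logging there is not visible.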
@@ -156,6 +158,8 @@ static struct hthead *parseresp(FILE *in)
            goto fail;
        } else {
            code = (code * 10) + (c - '0');
+           if(code >= 10000)
+               goto fail;
        }
     }
     while(1) {
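Review bot: The bound `if(code >= 10000)` still lets four-digit values through, whereas an HTTP status code is exactly three digits. Unless a backend is known to send longer codes, `if(code >= 1000)` would reject everything outside the grammar. Either bound keeps the accumulator small before the next `code * 10`, provided `c` has already been checked to be a digit; that check sits in the branch above the hunk and is not visible here. Whether values below 100 are rejected after the loop cannot be told from this hunk either, since parseresp starts and ends outside it.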
@@ -167,6 +171,8 @@ static struct hthead *parseresp(FILE *in)
            goto fail;
        } else {
            bufadd(msg, c);
+           if(msg.d >= 512)
+               goto fail;
        }
     }
     bufadd(msg, 0);