From: Fredrik Tolf <fredrik@dolda2000.com>
Date: Sat, 30 Apr 2011 06:53:14 +0000 (+0200)
Subject: htparser: Implemented resource limits for response headers as well.
X-Git-Tag: 0.8~4
X-Git-Url: http://www.dolda2000.com/gitweb/?p=ashd.git;a=commitdiff_plain;h=e2b404ab58259bb538e2d785d6ebbe9e9263bbef

htparser: Implemented resource limits for response headers as well.
---

diff --git a/src/htparser.c b/src/htparser.c
index 1ed9175..ba76d01 100644
--- a/src/htparser.c
+++ b/src/htparser.c
@@ -146,6 +146,8 @@ static struct hthead *parseresp(FILE *in)
 	    goto fail;
 	} else {
 	    bufadd(ver, c);
+	    if(ver.d >= 128)
+		goto fail;
 	}
     }
     while(1) {
@@ -156,6 +158,8 @@ static struct hthead *parseresp(FILE *in)
 	    goto fail;
 	} else {
 	    code = (code * 10) + (c - '0');
+	    if(code >= 10000)
+		goto fail;
 	}
     }
     while(1) {
@@ -167,6 +171,8 @@ static struct hthead *parseresp(FILE *in)
 	    goto fail;
 	} else {
 	    bufadd(msg, c);
+	    if(msg.d >= 512)
+		goto fail;
 	}
     }
     bufadd(msg, 0);