httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: worth fixing "read headers forever" issue?
Date Fri, 02 Jan 1998 00:34:05 GMT
Yeah... 'specially if we could close the socket

Marc Slemko wrote:
> 
> below is a sample of a patch that I would suggest to do this;
> parts marked XXX are incomplete but easy to see what they would do.
> 
> This limits read headers to ~512k.
> 
> I think this is worthwhile.  Does anyone agree?
> 
> Index: http_protocol.c
> ===================================================================
> RCS file: /export/home/cvs/apachen/src/main/http_protocol.c,v
> retrieving revision 1.172
> diff -u -r1.172 http_protocol.c
> --- http_protocol.c     1997/12/26 18:26:59     1.172
> +++ http_protocol.c     1998/01/01 22:23:40
> @@ -742,7 +742,7 @@
>  void get_mime_headers(request_rec *r)
>  {
>      conn_rec *c = r->connection;
> -    int len;
> +    int len, total = 0;
>      char *value;
>      char field[MAX_STRING_LEN];
>  
> @@ -753,6 +753,11 @@
>       */
>      while ((len = getline(field, MAX_STRING_LEN, c->client, 1)) > 0) {
>  
> +       if (total > 1024*512) { /* XXXX make a define from httpd.h */
> +          /* XXXX log error */
> +          /* should puke, too bad we can't */
> +          return;
> +       }
>          if (!(value = strchr(field, ':')))      /* Find the colon separator */
>              continue;           /* or should puke 400 here */
>  
> @@ -762,6 +767,7 @@
>              ++value;            /* Skip to start of value   */
>  
>          table_merge(r->headers_in, field, value);
> +       total += len;
>      }
>  }
>  
> 
> 
> 


-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
            "Look at me! I'm wearing a cardboard belt!"

Mime
View raw message