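--- minidlna-1.3.0/upnphttp.c.orig 2020-11-24 19:53:50.000000000 +0100
+++ minidlna-1.3.0/upnphttp.c 2022-04-30 12:59:23.432073807 +0200
@@ -273,6 +273,11 @@
 p = colon + 1;
 while(isspace(*p))
 p++;
+ n = 0;
+ while(p[n] >= ' ')
+ n++;
+ h->req_Host = p;
+ h->req_HostLen = n;
 for(n = 0; n < n_lan_addr; n++)
 {
 for(i = 0; lan_addr[n].str[i]; i++)
@@ -909,6 +914,18 @@
 }
 
 DPRINTF(E_DEBUG, L_HTTP, "HTTP REQUEST: %.*s\n", h->req_buflen, h->req_buf);
+ if(h->req_Host && h->req_HostLen > 0) {
+ const char *ptr = h->req_Host;
+ DPRINTF(E_MAXDEBUG, L_HTTP, "Host: %.*s\n", h->req_HostLen, h->req_Host);
+ for(i = 0; i < h->req_HostLen; i++) {
+ if(*ptr != ':' && *ptr != '.' && (*ptr > '9' || *ptr < '0')) {
+ DPRINTF(E_ERROR, L_HTTP, "DNS rebinding attack suspected (Host: %.*s)", h->req_HostLen, h->req_Host);
+ Send404(h);/* 403 */
+ return;
+ }
+ ptr++;
+ }
+ }
 if(strcmp("POST", HttpCommand) == 0)
 {
 h->req_command = EPost;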
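Review bot: The Host check in the second hunk fails open, because a request with no Host header, or an empty one, makes `if(h->req_Host && h->req_HostLen > 0)` false and goes on to the command dispatch unvalidated. Browsers always send Host, so the rebinding case is still covered, but the guard should carry a comment such as `/* no Host header: nothing to check, request is allowed (fail-open) */`, or reject such requests if no supported client depends on them. The scan added in the first hunk, `while(p[n] >= ' ')`, counts trailing spaces into `req_HostLen`, so a numeric Host followed by optional whitespace is rejected and logged as an attack; adding `while(n > 0 && p[n-1] == ' ') n--;` after the scan trims them without loosening the character check. The E_ERROR format string lacks the trailing `\n` that the two neighbouring DPRINTF calls carry, and `Send404(h);/* 403 */` should say why a 404 is sent where the comment implies a 403 was meant. Both enclosing functions start and end outside the hunks, so whether `req_Host` is reset between requests on one connection cannot be confirmed from here.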
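--- minidlna-1.3.0/upnphttp.h.orig 2020-11-24 19:53:50.000000000 +0100
+++ minidlna-1.3.0/upnphttp.h 2022-04-30 13:00:22.619152312 +0200
@@ -89,6 +89,8 @@
 struct client_cache_s * req_client;
 const char * req_soapAction;
 int req_soapActionLen;
+ const char * req_Host; /* Host: header */
+ int req_HostLen;
 const char * req_Callback; /* For SUBSCRIBE */
 int req_CallbackLen;
 const char * req_NT;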
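Review bot: The comment on `req_Host` does not say that the pointer is a length-delimited view rather than a C string. Judging by the upnphttp.c hunk, it is set to a position inside the header being parsed and is never NUL-terminated there, so it is only meaningful together with `req_HostLen`. A comment such as `/* Host: header value; points into the request buffer, not NUL-terminated, use with req_HostLen */` would stop a later caller from passing it to `strcmp` or `%s`. The struct definition starts and ends outside the hunk.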