Simplified Http::Message::parse() (#814)

size_t hdr_len cannot be negative, and sanityCheckStartLine() already
rejects zero values. We now use (and clearly document) the latter fact.

Also replaced a level-1 warning about "Too large" headers with a level-3
debugging message because huge headers is not a Squid problem, and the
problem should already be visible in access.logs records.

diff --git a/src/HttpReply.h b/src/HttpReply.h
index cfbf4d21db5640d62f5499d3bdb39e8f4578f7e2..c993fd10b5640d17e3f72f82d23efe6decccb2ed 100644 (file)
--- a/src/HttpReply.h
+++ b/src/HttpReply.h
@@ -33,11 +33,7 @@ public:
 
     virtual void reset();
 
-    /**
-     \retval true on success
-     \retval false and sets *error to zero when needs more data
-     \retval false and sets *error to a positive Http::StatusCode on error
-     */
+    /* Http::Message API */
     virtual bool sanityCheckStartLine(const char *buf, const size_t hdr_len, Http::StatusCode *error);
 
     /** \par public, readable; never update these or their .hdr equivalents directly */

diff --git a/src/http/Message.cc b/src/http/Message.cc
index d9df32bfa1cec6764eb2ba5b3e431c54616ab743..822770d41a287db7649cbc258e638563746d58d0 100644 (file)
--- a/src/http/Message.cc
+++ b/src/http/Message.cc
@@ -85,6 +85,12 @@ Http::Message::parse(const char *buf, const size_t sz, bool eof, Http::StatusCod
     // find the end of headers
     const size_t hdr_len = headersEnd(buf, sz);
 
+    if (hdr_len > Config.maxReplyHeaderSize || (hdr_len == 0 && sz > Config.maxReplyHeaderSize)) {
+        debugs(58, 3, "input too large: " << hdr_len << " or " << sz << " > " << Config.maxReplyHeaderSize);
+        *error = Http::scHeaderTooLarge;
+        return false;
+    }
+
     // sanity check the start line to see if this is in fact an HTTP message
     if (!sanityCheckStartLine(buf, hdr_len, error)) {
         // NP: sanityCheck sets *error and sends debug warnings on syntax errors.
@@ -95,20 +101,7 @@ Http::Message::parse(const char *buf, const size_t sz, bool eof, Http::StatusCod
         return false;
     }
 
-    if (hdr_len > Config.maxReplyHeaderSize || (hdr_len <= 0 && sz > Config.maxReplyHeaderSize)) {
-        debugs(58, DBG_IMPORTANT, "Too large reply header (" << hdr_len << " > " << Config.maxReplyHeaderSize);
-        *error = Http::scHeaderTooLarge;
-        return false;
-    }
-
-    if (hdr_len <= 0) {
-        debugs(58, 3, "failed to find end of headers (eof: " << eof << ") in '" << buf << "'");
-
-        if (eof) // iff we have seen the end, this is an error
-            *error = Http::scInvalidHeader;
-
-        return false;
-    }
+    assert(hdr_len > 0); // sanityCheckStartLine() rejects buffers that cannot be parsed
 
     const int res = httpMsgParseStep(buf, sz, eof);
 
@@ -296,4 +289,3 @@ Http::Message::firstLineBuf(MemBuf &mb)
 {
     packFirstLineInto(&mb, true);
 }
-

diff --git a/src/http/Message.h b/src/http/Message.h
index d896d5e41d1516d2ca27909f9ca64536ed3d5f27..7a61b642939678b94f18120944a9f81c9bb6af02 100644 (file)
--- a/src/http/Message.h
+++ b/src/http/Message.h
@@ -123,6 +123,7 @@ protected:
     /**
      * Validate the message start line is syntactically correct.
      * Set HTTP error status according to problems found.
+     * Zero hdr_len is treated as a serious problem.
      *
      * \retval true   Status line has no serious problems.
      * \retval false  Status line has a serious problem. Correct response is indicated by error.