From: Christian Hofstaedtler <christian@hofstaedtler.name>
Date: Sat, 24 Aug 2013 13:39:26 +0000 (+0200)
Subject: Provide tighter bounds to HTTP first line parser in Recursor
X-Git-Tag: rec-3.6.0-rc1~506^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F966%2Fhead;p=thirdparty%2Fpdns.git

Provide tighter bounds to HTTP first line parser in Recursor

stringtok over the entire 16k buffer is useless. Also it might make
Coverity shut up.

Tentative fix for Coverity CID 1063848.
---

diff --git a/pdns/json_ws.cc b/pdns/json_ws.cc
index d200bf4df8..b491b430f5 100644
--- a/pdns/json_ws.cc
+++ b/pdns/json_ws.cc
@@ -59,14 +59,17 @@ void JWebserver::readRequest(int fd)
   // Note: this code makes it impossible to read the request body.
   // We'll at least need to wait for two \r\n sets to arrive, parse the
   // headers, and then read the body (using the supplied Content-Length).
-  char * p = strchr(buffer, '\r');
+  char *p = strchr(buffer, '\r');
   if(p) *p = 0;
+
   vector<string> parts;
-  stringtok(parts, buffer);
   string method, uri;
-  if(parts.size()>1) {
-    method=parts[0];
-    uri=parts[1];
+  if(strlen(buffer) < 2048) {
+    stringtok(parts, buffer);
+    if(parts.size()>1) {
+      method=parts[0];
+      uri=parts[1];
+    }
   }
 
   string content;
@@ -78,7 +81,7 @@ void JWebserver::readRequest(int fd)
 
   if (method != "GET") {
     status = "400 Bad Request";
-    content = "Your client sent a request this server does not understand.\n";
+    content = "Your client sent a request this server could not understand.\n";
   } else {
     parts.clear();
     stringtok(parts, uri, "?");