From 1b38991cd94101c437bf69b60ded39cce7872931 Mon Sep 17 00:00:00 2001 From: Christian Hofstaedtler Date: Sat, 24 Aug 2013 15:39:26 +0200 Subject: [PATCH] Provide tighter bounds to HTTP first line parser in Recursor stringtok over the entire 16k buffer is useless. Also it might make Coverity shut up. Tentative fix for Coverity CID 1063848. --- pdns/json_ws.cc | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/pdns/json_ws.cc b/pdns/json_ws.cc index d200bf4df8..b491b430f5 100644 --- a/pdns/json_ws.cc +++ b/pdns/json_ws.cc @@ -59,14 +59,17 @@ void JWebserver::readRequest(int fd) // Note: this code makes it impossible to read the request body. // We'll at least need to wait for two \r\n sets to arrive, parse the // headers, and then read the body (using the supplied Content-Length). - char * p = strchr(buffer, '\r'); + char *p = strchr(buffer, '\r'); if(p) *p = 0; + vector parts; - stringtok(parts, buffer); string method, uri; - if(parts.size()>1) { - method=parts[0]; - uri=parts[1]; + if(strlen(buffer) < 2048) { + stringtok(parts, buffer); + if(parts.size()>1) { + method=parts[0]; + uri=parts[1]; + } } string content; @@ -78,7 +81,7 @@ void JWebserver::readRequest(int fd) if (method != "GET") { status = "400 Bad Request"; - content = "Your client sent a request this server does not understand.\n"; + content = "Your client sent a request this server could not understand.\n"; } else { parts.clear(); stringtok(parts, uri, "?"); -- 2.47.2