Bug 2297: file uploads (RFC1867) fail with "error:double-CR"

author Amos Jeffries <squid3@treenet.co.nz>

Fri, 25 Apr 2008 10:39:36 +0000 (22:39 +1200)

committer Amos Jeffries <squid3@treenet.co.nz>

Fri, 25 Apr 2008 10:39:36 +0000 (22:39 +1200)
author Amos Jeffries <squid3@treenet.co.nz>
Fri, 25 Apr 2008 10:39:36 +0000 (22:39 +1200)
committer Amos Jeffries <squid3@treenet.co.nz>
Fri, 25 Apr 2008 10:39:36 +0000 (22:39 +1200)
diff --git a/src/client_side.cc b/src/client_side.cc

index df75e9d96a7526bcdb1da30a47d1f1cefbece240..37344a959025e98196b68dcfa183a8714a848163 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -1919,7 +1919,11 @@ parseHttpRequest(ConnStateData::Pointer & conn, HttpParser *hp, method_t * metho
  
      debugs(33, 3, "parseHttpRequest: end = {" << end << "}");
  
-    if (strstr(req_hdr, "\r\r\n")) {
+    /*
+     * Check that the headers don't have double-CR.
+     * NP: strnstr is required so we don't search any possible binary body blobs.
+     */
+    if ( strnstr(req_hdr, "\r\r\n", req_sz) ) {
          debugs(33, 1, "WARNING: suspicious HTTP request contains double CR");
          xfree(url);
          return parseHttpRequestAbort(conn, "error:double-CR");
author	Amos Jeffries <squid3@treenet.co.nz>
	Fri, 25 Apr 2008 10:39:36 +0000 (22:39 +1200)
committer	Amos Jeffries <squid3@treenet.co.nz>
	Fri, 25 Apr 2008 10:39:36 +0000 (22:39 +1200)