Bug 2297: file uploads (RFC1867) fail with "error:double-CR"

author Amos Jeffries <squid3@treenet.co.nz>

Fri, 25 Apr 2008 10:44:27 +0000 (22:44 +1200)

committer Amos Jeffries <squid3@treenet.co.nz>

Fri, 25 Apr 2008 10:44:27 +0000 (22:44 +1200)
author Amos Jeffries <squid3@treenet.co.nz>
Fri, 25 Apr 2008 10:44:27 +0000 (22:44 +1200)
committer Amos Jeffries <squid3@treenet.co.nz>
Fri, 25 Apr 2008 10:44:27 +0000 (22:44 +1200)
diff --git a/src/client_side.cc b/src/client_side.cc

index e381cafcd5acb833342305701938a5eded7c35d4..db86dcce9bad858395ac49878103c184b41690e8 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -1953,7 +1953,11 @@ parseHttpRequest(ConnStateData *conn, HttpParser *hp, HttpRequestMethod * method
  
      debugs(33, 3, "parseHttpRequest: end = {" << end << "}");
  
-    if (strstr(req_hdr, "\r\r\n")) {
+    /*
+     * Check that the headers don't have double-CR.
+     * NP: strnstr is required so we don't search any possible binary body blobs.
+     */
+    if ( strnstr(req_hdr, "\r\r\n", req_sz) ) {
          debugs(33, 1, "WARNING: suspicious HTTP request contains double CR");
          xfree(url);
          return parseHttpRequestAbort(conn, "error:double-CR");
author	Amos Jeffries <squid3@treenet.co.nz>
	Fri, 25 Apr 2008 10:44:27 +0000 (22:44 +1200)
committer	Amos Jeffries <squid3@treenet.co.nz>
	Fri, 25 Apr 2008 10:44:27 +0000 (22:44 +1200)