Bug 2674: Remove limit on HTTP headers read.

Headers may be accumulated over more than one read. It does not make
sense to limit the internal copy of the accumulated read buffer to 64KB.

Reverts the internal read buffer to MemBuf defaults. This may cause
issues where headers are of unbounded size. But those are expected to be
caught by the header parser.

Check buffer limits before parsing and return error on all bad parse cases.
No exceptions.

diff --git a/src/HttpMsg.cc b/src/HttpMsg.cc
index 22e61db8922003de018c55ef494d2104b35d7c6d..0132de9e49d3bf086601936f282cdeac949d70f6 100644 (file)
--- a/src/HttpMsg.cc
+++ b/src/HttpMsg.cc
@@ -189,6 +189,7 @@ bool HttpMsg::parse(MemBuf *buf, bool eof, http_status *error)
     if (res == 0) {
         debugs(58, 2, "HttpMsg::parse: strange, need more data near '" <<
                buf->content() << "'");
+        *error = HTTP_INVALID_HEADER;
         return false; // but this should not happen due to headersEnd() above
     }
 

diff --git a/src/client_side.cc b/src/client_side.cc
index 4aab181d8b1df9f6746090202ad87c6fdd11f920..c895fecf66a2b04c10dec80d93912415bb2811a3 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -1931,6 +1931,17 @@ parseHttpRequest(ConnStateData *conn, HttpParser *hp, HttpRequestMethod * method
     /* pre-set these values to make aborting simpler */
     *method_p = METHOD_NONE;
 
+    /* NP: don't be tempted to move this down or remove again.
+     * It's the only DDoS protection old-String has against long URL */
+    if ( hp->bufsiz <= 0) {
+        debugs(33, 5, "Incomplete request, waiting for end of request line");
+        return NULL;
+    }
+    else if ( (size_t)hp->bufsiz >= Config.maxRequestHeaderSize && headersEnd(hp->buf, Config.maxRequestHeaderSize) == 0) {
+        debugs(33, 5, "parseHttpRequest: Too large request");
+        return parseHttpRequestAbort(conn, "error:request-too-large");
+    }
+
     /* Attempt to parse the first line; this'll define the method, url, version and header begin */
     r = HttpParserParseReqLine(hp);
 

diff --git a/src/http.cc b/src/http.cc
index de16198793bf334d90f046e0fd021b63fa935209..e946dbfb786a920bae51cdb06c2eb64122f3bd85 100644 (file)
--- a/src/http.cc
+++ b/src/http.cc
@@ -84,7 +84,7 @@ HttpStateData::HttpStateData(FwdState *theFwdState) : AsyncJob("HttpStateData"),
     surrogateNoStore = false;
     fd = fwd->server_fd;
     readBuf = new MemBuf;
-    readBuf->init(4096, SQUID_TCP_SO_RCVBUF);
+    readBuf->init();
     orig_request = HTTPMSGLOCK(fwd->request);
 
     // reset peer response time stats for %<pt