[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] bad request chrashes daemon
From: |
Sebastian |
Subject: |
Re: [libmicrohttpd] bad request chrashes daemon |
Date: |
Wed, 26 Mar 2008 19:48:54 +0100 |
Hello Christian,
your fix catches one bad line, but it seenms to be still vulnerable if
there are two of them with leading spaces.
I built fresh from SVN 6626 (without messages this time).
Minimal_example and telnetting on same host. Telnet input:
>GET /<enter>
> abc<enter>
> dfg<enter>
(mind the spaces)
gives me a segfault again.
Sebastian
> You are right. Fixed in SVN 6626 with the following patch (I think it
> is best
> to "tolerate" this kind of malformed request by ignoring the "abc" input
> instead of closing the connection or being unfriendly in some other fashion).
> Now, the code will kill the connection if there are multiple lines of bad
> input like that (before the end of the header).
> I guess what we should do is send an HTTP 400 Bad Request response, but that
> patch will be a bit longer. I'll look into doing something along those lines
> later today.
> Christian