libmicrohttpd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libmicrohttpd] bad request chrashes daemon


From: Sebastian
Subject: Re: [libmicrohttpd] bad request chrashes daemon
Date: Wed, 26 Mar 2008 19:48:54 +0100

Hello Christian,

your fix catches one bad line, but it seenms to be still vulnerable if
there are two of them with leading spaces.

I built fresh from SVN 6626 (without messages this time).
Minimal_example and telnetting on same host. Telnet input:
>GET /<enter>
> abc<enter>
> dfg<enter>
(mind the spaces)
gives me a segfault again.


Sebastian



> You are right.  Fixed in SVN 6626 with the following patch (I think it
> is best 
> to "tolerate" this kind of malformed request by ignoring the "abc" input 
> instead of closing the connection or being unfriendly in some other fashion). 
> Now, the code will kill the connection if there are multiple lines of bad 
> input like that (before the end of the header).  

> I guess what we should do is send an HTTP 400 Bad Request response, but that 
> patch will be a bit longer. I'll look into doing something along those lines 
> later today.

> Christian



reply via email to

[Prev in Thread] Current Thread [Next in Thread]