Changeset 2eaf499 in rtems for cpukit/httpd/webs.c


Ignore:
Timestamp:
Feb 8, 2006, 4:16:42 PM (14 years ago)
Author:
Joel Sherrill <joel.sherrill@…>
Branches:
4.10, 4.11, 4.8, 4.9, master
Children:
0564ff51
Parents:
4217b96
Message:

2006-02-08 Thomas Rauscher <trauscher@…>

PR 890/networking

  • httpd/webs.c: The webservers enters an infinite loop when a POST request with less data than indicated in the Content-Length header is received. It also consumes additional heap memory and a file descriptor for each invalid POST.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpukit/httpd/webs.c

    r4217b96 r2eaf499  
    584584
    585585                }  else if (nbytes == 0) {                              /* EOF or No data available */
     586                        /* Bugfix for POST DoS attack with invalid content length */
     587                        if (socketEof(wp->sid)) {
     588                                websDone(wp, 0);
     589                        }
     590                        /* End of bugfix */
    586591                        return -1;
    587592
Note: See TracChangeset for help on using the changeset viewer.