From b04c787df4e94f5dd37f2d1f078202d7950e63b3 Mon Sep 17 00:00:00 2001 From: Lorenz Stechauner Date: Tue, 29 Dec 2020 10:46:44 +0100 Subject: [PATCH] Method parsing bugfix --- src/client.c | 6 +++--- src/http.c | 33 +++++++++++++-------------------- src/http.h | 2 +- 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/src/client.c b/src/client.c index dcaf2cf..9f624b5 100644 --- a/src/client.c +++ b/src/client.c @@ -166,7 +166,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int res.status = http_get_status(200); http_add_header_field(&res.hdr, "Allow", "GET, HEAD"); http_add_header_field(&res.hdr, "Accept-Ranges", "bytes"); - if (strncmp(req.method, "GET", 3) != 0 && strncmp(req.method, "HEAD", 4) != 0) { + if (strcmp(req.method, "GET") != 0 && strcmp(req.method, "HEAD") != 0) { res.status = http_get_status(405); goto respond; } @@ -270,7 +270,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int goto respond; } - if (strncmp(req.method, "POST", 4) == 0 || strncmp(req.method, "PUT", 3) == 0) { + if (strcmp(req.method, "POST") == 0 || strcmp(req.method, "PUT") == 0) { char *client_content_length = http_get_header_field(&req.hdr, "Content-Length"); unsigned long client_content_len = 0; if (client_content_length == NULL) { @@ -356,7 +356,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int print("%s%03i %s%s%s (%s)%s", http_get_status_color(res.status), res.status->code, res.status->msg, location != NULL ? " -> " : "", location != NULL ? location : "", format_duration(micros, buf0), CLR_STR); - if (strncmp(req.method, "HEAD", 4) != 0) { + if (strcmp(req.method, "HEAD") != 0) { unsigned long snd_len = 0; unsigned long len = 0; if (msg_buf[0] != 0) { diff --git a/src/http.c b/src/http.c index 20f2890..1e874b6 100644 --- a/src/http.c +++ b/src/http.c @@ -123,29 +123,22 @@ int http_receive_request(sock *client, http_req *req) { } if (req->version[0] == 0) { - if (memcmp(ptr, "GET ", 4) == 0) { - strcpy(req->method, "GET"); - } else if (memcmp(ptr, "HEAD ", 5) == 0) { - strcpy(req->method, "HEAD"); - } else if (memcmp(ptr, "POST ", 5) == 0) { - strcpy(req->method, "POST"); - } else if (memcmp(ptr, "PUT ", 4) == 0) { - strcpy(req->method, "PUT"); - } else if (memcmp(ptr, "DELETE ", 7) == 0) { - strcpy(req->method, "DELETE"); - } else if (memcmp(ptr, "CONNECT ", 7) == 0) { - strcpy(req->method, "CONNECT"); - } else if (memcmp(ptr, "OPTIONS ", 7) == 0) { - strcpy(req->method, "OPTIONS"); - } else if (memcmp(ptr, "TRACE ", 6) == 0) { - strcpy(req->method, "TRACE"); - } else { - print(ERR_STR "Unable to parse header: Invalid method" CLR_STR); + pos1 = memchr(ptr, ' ', rcv_len - (ptr - buf)) + 1; + if (pos1 == NULL) goto err_hdr_fmt; + + if (pos1 - ptr - 1 >= sizeof(req->method)) { + print(ERR_STR "Unable to parse header: Method name too long" CLR_STR); return 2; } - pos1 = memchr(ptr, ' ', rcv_len - (ptr - buf)) + 1; - if (pos1 == NULL) goto err_hdr_fmt; + for (int i = 0; i < (pos1 - ptr - 1); i++) { + if (ptr[i] < 'A' || ptr[i] > 'Z') { + print(ERR_STR "Unable to parse header: Invalid method" CLR_STR); + return 2; + } + } + strncpy(req->method, ptr, pos1 - ptr - 1); + pos2 = memchr(pos1, ' ', rcv_len - (pos1 - buf)) + 1; if (pos2 == NULL) { err_hdr_fmt: diff --git a/src/http.h b/src/http.h index 337a549..d43bdd4 100644 --- a/src/http.h +++ b/src/http.h @@ -32,7 +32,7 @@ typedef struct { } http_hdr; typedef struct { - char method[8]; + char method[16]; char *uri; char version[3]; http_hdr hdr;