Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

* luci/libs/http: added more sanity checks to mime decoder

Browse source
This commit is contained in:
Jo-Philipp Wich 2008-07-18 14:19:56 +00:00
parent 94836433e5
commit 8c46333ed1
1 changed files with 14 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
libs/http/luasrc/http/protocol.lua
View file

@ -455,13 +455,20 @@ function mimedecode_message_body( src, msg, filecb )
end end
local field = { headers = { } } local tlen = 0
local inhdr = false local inhdr = false
local field = nil
local store = nil local store = nil
local lchunk = nil local lchunk = nil
local function snk( chunk ) local function snk( chunk )
tlen = tlen + ( chunk and #chunk or 0 )
if msg.env.CONTENT_LENGTH and tlen > msg.env.CONTENT_LENGTH then
return nil, "Message body size exceeds Content-Length"
end
if chunk and not lchunk then if chunk and not lchunk then
lchunk = "\r\n" .. chunk lchunk = "\r\n" .. chunk
@ -524,7 +531,11 @@ function mimedecode_message_body( src, msg, filecb )
lchunk = data:sub( #data - 78 + 1, #data ) lchunk = data:sub( #data - 78 + 1, #data )
data = data:sub( 1, #data - 78 ) data = data:sub( 1, #data - 78 )
if store and field and field.name then
store( field.headers, data ) store( field.headers, data )
else
return nil, "Invalid MIME section header"
end
else else
lchunk, data = data, nil lchunk, data = data, nil
end end
@ -620,7 +631,7 @@ function parse_message_header( source )
-- Populate common environment variables -- Populate common environment variables
msg.env = { msg.env = {
CONTENT_LENGTH = msg.headers['Content-Length']; CONTENT_LENGTH = tonumber(msg.headers['Content-Length']);
CONTENT_TYPE = msg.headers['Content-Type']; CONTENT_TYPE = msg.headers['Content-Type'];
REQUEST_METHOD = msg.request_method:upper(); REQUEST_METHOD = msg.request_method:upper();
REQUEST_URI = msg.request_uri; REQUEST_URI = msg.request_uri;