Permalink
Browse files

Do not accept empty header name.

  • Loading branch information...
1 parent b890285 commit 7f9b42cee765e3d795366496068e43b22c896e4a @FooBarWidget committed Jun 21, 2010
Showing with 10 additions and 0 deletions.
  1. +10 −0 multipart.cpp
View
@@ -88,6 +88,12 @@ class MultipartParser {
return false;
}
+ bool isHeaderFieldCharacter(char c) const {
+ return (c >= 'a' && c <= 'z')
+ || (c >= 'A' && c <= 'Z')
+ || c == HYPHEN;
+ }
+
void setError(const char *message) {
state = ERROR;
errorReason = message;
@@ -192,6 +198,10 @@ class MultipartParser {
case HEADER_FIELD_START:
state = HEADER_FIELD;
headerFieldMark = i;
+ if (c != CR && !isHeaderFieldCharacter(c)) {
+ setError("Malformd first header name character.");
+ return i;
+ }
case HEADER_FIELD:
if (c == CR) {
headerFieldMark = UNMARKED;

0 comments on commit 7f9b42c

Please sign in to comment.