Permalink
Browse files

Add integer overflow check for content-length

  • Loading branch information...
K. Reid Wightman
K. Reid Wightman committed Oct 18, 2017
1 parent b3e4ff6 commit adeb4abc6c998c19524e09fde20c02b4a26765a3
Showing with 2 additions and 2 deletions.
  1. +2 −2 src/http.c
View
@@ -1090,12 +1090,12 @@ static void parseHeaders(Webs *wp)
} else if (strcmp(key, "content-length") == 0) {
wp->rxLen = atoi(value);
if (smatch(wp->method, "PUT")) {
if (wp->rxLen > ME_GOAHEAD_LIMIT_PUT) {
if (wp->rxLen > ME_GOAHEAD_LIMIT_PUT || wp->rxLen < 0) {
websError(wp, HTTP_CODE_REQUEST_TOO_LARGE | WEBS_CLOSE, "Too big");
return;
}
} else {
if (wp->rxLen > ME_GOAHEAD_LIMIT_POST) {
if (wp->rxLen > ME_GOAHEAD_LIMIT_POST || wp->rxLen < 0) {
websError(wp, HTTP_CODE_REQUEST_TOO_LARGE | WEBS_CLOSE, "Too big");
return;
}

0 comments on commit adeb4ab

Please sign in to comment.