Permalink
Browse files

catch invalid numbers in http_protocol_handler when parsing

  • Loading branch information...
miltonf committed Dec 24, 2018
1 parent 7ea2063 commit 359208c67bd67fd98bd7f920a419d4c298806206
Showing with 12 additions and 4 deletions.
  1. +12 −4 contrib/epee/include/net/http_protocol_handler.inl
@@ -314,8 +314,10 @@ namespace net_utils
inline bool analize_http_method(const boost::smatch& result, http::http_method& method, int& http_ver_major, int& http_ver_minor)
{
CHECK_AND_ASSERT_MES(result[0].matched, false, "simple_http_connection_handler::analize_http_method() assert failed...");
http_ver_major = boost::lexical_cast<int>(result[11]);
http_ver_minor = boost::lexical_cast<int>(result[12]);
if (!boost::conversion::try_lexical_convert<int>(result[11], http_ver_major))
return false;
if (!boost::conversion::try_lexical_convert<int>(result[12], http_ver_minor))
return false;

if(result[3].matched)
method = http::http_method_options;
@@ -343,7 +345,12 @@ namespace net_utils
boost::smatch result;
if(boost::regex_search(m_cache, result, rexp_match_command_line, boost::match_default) && result[0].matched)
{
analize_http_method(result, m_query_info.m_http_method, m_query_info.m_http_ver_hi, m_query_info.m_http_ver_hi);
if (!analize_http_method(result, m_query_info.m_http_method, m_query_info.m_http_ver_hi, m_query_info.m_http_ver_hi))
{
m_state = http_state_error;
MERROR("Failed to analyze method");
return false;
}
m_query_info.m_URI = result[10];
if (!parse_uri(m_query_info.m_URI, m_query_info.m_uri_content))
{
@@ -540,7 +547,8 @@ namespace net_utils
if(!(boost::regex_search( str, result, rexp_mach_field, boost::match_default) && result[0].matched))
return false;

len = boost::lexical_cast<size_t>(result[0]);
try { len = boost::lexical_cast<size_t>(result[0]); }
catch(...) { return false; }
return true;
}
//-----------------------------------------------------------------------------------

0 comments on commit 359208c

Please sign in to comment.