Permalink
Browse files

detection of oversized requests from clients

  • Loading branch information...
1 parent 51d0c8b commit 982449512749afcbba8085f7e7fef14525474f89 skodak committed Feb 6, 2005
Showing with 7 additions and 1 deletion.
  1. +7 −1 mod/chat/chatd.php
View
@@ -973,11 +973,17 @@ function cli_switch($switch, $param = NULL) {
if($changed > 0) {
// Let's see what it has to say
- $data = socket_read($handle, 2048); // should be more to prevent empty pages and repeated messages!!
+ $data = socket_read($handle, 2048); // should be more than 512 to prevent empty pages and repeated messages!!
if(empty($data)) {
continue;
}
+ if (strlen($data) == 2048) { // socket_read has more data, ignore all data
+ $DAEMON->trace('UFO with '.$handle.': Data too long; connection closed', E_USER_WARNING);
+ $DAEMON->dismiss_ufo($handle, true, 'Data too long; connection closed');
+ continue;
+ }
+
if(!ereg('win=(chat|users|message|beep).*&chat_sid=([a-zA-Z0-9]*)&groupid=([0-9]*) HTTP', $data, $info)) {
// Malformed data
$DAEMON->trace('UFO with '.$handle.': Request with malformed data; connection closed', E_USER_WARNING);

0 comments on commit 9824495

Please sign in to comment.