This repository has been archived by the owner on Nov 6, 2022. It is now read-only.
Overflow detection on chunk extensions #34
Comments
|
Fix pushed. |
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
There's a TODO in the code:
Allowing unbounded chunk extensions is hardly the end of the world, but doesn't hurt to address it. Easiest way I found was to treat the state for the chunk headers as if they were regular headers, and have the parser bail if the total amount of data in a chunk header is larger then HTTP_MAX_HEADER_SIZE.
See chunk_ext_overflow
The text was updated successfully, but these errors were encountered: