RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 17:47:44 +00:00
Code Issues Activity Actions

LibHTTP: Return error if request is incomplete

Browse source 
If there is not enough input to completely parse HTTP request we need
to return error and handle it in HTTP server.
This commit is contained in:
Aliaksandr Kalenik 2023-03-23 03:06:13 +03:00 committed by Andreas Kling
parent 9220cdc285
commit 7b8a857e30
2 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Userland/Libraries/LibHTTP/HttpRequest.cpp
View file

@ -102,6 +102,7 @@ ErrorOr<HttpRequest, HttpRequest::ParseError> HttpRequest::from_raw_request(Read
Vector<u8, 256> buffer; Vector<u8, 256> buffer;
Optional<unsigned> content_length;
DeprecatedString method; DeprecatedString method;
DeprecatedString resource; DeprecatedString resource;
DeprecatedString protocol; DeprecatedString protocol;
@ -168,6 +169,10 @@ ErrorOr<HttpRequest, HttpRequest::ParseError> HttpRequest::from_raw_request(Read
} }
commit_and_advance_to(current_header.value, next_state); commit_and_advance_to(current_header.value, next_state);
if (current_header.name.equals_ignoring_ascii_case("Content-Length"sv))
content_length = current_header.value.to_uint();
headers.append(move(current_header)); headers.append(move(current_header));
break; break;
} }
@ -189,6 +194,12 @@ ErrorOr<HttpRequest, HttpRequest::ParseError> HttpRequest::from_raw_request(Read
} }
} }
if (state != State::InBody)
return ParseError::RequestIncomplete;
if (content_length.has_value() && content_length.value() != body.size())
return ParseError::RequestIncomplete;
HttpRequest request; HttpRequest request;
if (method == "GET") if (method == "GET")
request.m_method = Method::GET; request.m_method = Method::GET;

3
Userland/Libraries/LibHTTP/HttpRequest.h
View file

@ -20,6 +20,7 @@ class HttpRequest {
public: public:
enum class ParseError { enum class ParseError {
RequestTooLarge, RequestTooLarge,
RequestIncomplete,
OutOfMemory, OutOfMemory,
UnsupportedMethod UnsupportedMethod
}; };
@ -29,6 +30,8 @@ public:
switch (error) { switch (error) {
case ParseError::RequestTooLarge: case ParseError::RequestTooLarge:
return "Request too large"sv; return "Request too large"sv;
case ParseError::RequestIncomplete:
return "Request is incomplete"sv;
case ParseError::OutOfMemory: case ParseError::OutOfMemory:
return "Out of memory"sv; return "Out of memory"sv;
case ParseError::UnsupportedMethod: case ParseError::UnsupportedMethod: