From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NO_DNS_FOR_FROM,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 Received: from integral2.. (unknown [125.160.108.65]) by gnuweeb.org (Postfix) with ESMTPSA id 3E4057F955; Sun, 26 Jun 2022 05:56:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org; s=default; t=1656223007; bh=FLXRQRpC1k0UK4kLkf8ER9qg04nwvIRDvinlCbkWKUo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=XN4nrc86NJYyttTDN31alO0NXqtawZH7AxX/DlCp3hLuUUny2ab4wBGj63p8qogml KAen7p+Yu0Zs7cfMON+7LQhJq11ere1Ot+6WtpfCWtAgnPIxAeNhqur4jB+XsuFB6u JZnwWfA11O1s5wzJc4NGjrMS3l5NC1HbOn5j7Zg2k4vOAxu76OefIFjJOwtuFiaNy9 7j0kwh/vJaduY0YbYIxK53hM+lyh5ALfW/4gUvjr+skMuUu1Ay5h8iFF8ZhvwwLjDT a4Igkua1XP4hbOusgjlPZ0rxJxbAhlD8uwTTZY193TlTmyq+kK9I2t/M8jEzNFYUe4 Bb9ETmk/ualyw== From: Ammar Faizi To: GNU/Weeb Mailing List Cc: Ammar Faizi , Arthur Lapz , Sprite , Yonle Subject: [PATCH gwhttpd 1/7] gwhttpd: Do an early return when parse_http_header fails Date: Sun, 26 Jun 2022 12:56:28 +0700 Message-Id: <20220626055634.676175-2-ammarfaizi2@gnuweeb.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220626055634.676175-1-ammarfaizi2@gnuweeb.org> References: <20220626055634.676175-1-ammarfaizi2@gnuweeb.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: Don't continue executing the next line if we fail to parse the HTTP header, that's the wrong path, we should stop the client early. Signed-off-by: Ammar Faizi --- gwhttpd.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/gwhttpd.cpp b/gwhttpd.cpp index 0f4261d..33b58a1 100644 --- a/gwhttpd.cpp +++ b/gwhttpd.cpp @@ -498,8 +498,10 @@ static int _handle_client(struct client_sess *sess, struct server_state *state) sess->buf[sess->buf_size] = '\0'; if (!sess->got_http_header) { ret = parse_http_header(sess); - if (ret) + if (ret) { send_error_and_close(400, sess, state); + return 0; + } if (!sess->got_http_header) return 0; } -- Ammar Faizi