From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NO_DNS_FOR_FROM,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 Received: from integral2.. (unknown [36.81.65.188]) by gnuweeb.org (Postfix) with ESMTPSA id 77A567E34F; Fri, 8 Jul 2022 12:10:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org; s=default; t=1657282238; bh=FLXRQRpC1k0UK4kLkf8ER9qg04nwvIRDvinlCbkWKUo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=crtr2jWEr5D9JFFTwDinxEHPvS7xXjez1dq5fzcnxmDvNl+XIfwosigcy6EKPUVJJ p8jM0dNzJoBKXn4u7Wg6k6KwDEyXOx/cPjaGBvgfGwWeg3axfmWTe4O/QRoLfNtTzU Nep5qZwdxeyWSe47ZD3fxYSgmQZNAZkgvqsOGuOJ0hRdOY4AiVdCpdEE7LJXC7VYVE q+x3BW6R+uOeMy2rFCmMaShvPr1KUqHPSBjurmk52DNJE/0m3rDzyR9WlFUpr1Lo2O KrE54dNyfr+EQmjU91o+ayU197ZuSjqO9pZ5TvKW7m0otWgW0ewPIQitZTMm22faod KqOOVKqxzATXw== From: Ammar Faizi To: GNU/Weeb Mailing List Cc: Ammar Faizi , Alviro Iskandar Setiawan , Arthur Lapz , Fernanda Ma'rouf , Sprite , Yonle Subject: [PATCH gwhttpd 01/14] gwhttpd: Do an early return when `parse_http_header()` fails Date: Fri, 8 Jul 2022 19:10:12 +0700 Message-Id: <20220708121025.926162-2-ammarfaizi2@gnuweeb.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220708121025.926162-1-ammarfaizi2@gnuweeb.org> References: <20220708121025.926162-1-ammarfaizi2@gnuweeb.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: Don't continue executing the next line if we fail to parse the HTTP header, that's the wrong path, we should stop the client early. Signed-off-by: Ammar Faizi --- gwhttpd.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/gwhttpd.cpp b/gwhttpd.cpp index 0f4261d..33b58a1 100644 --- a/gwhttpd.cpp +++ b/gwhttpd.cpp @@ -498,8 +498,10 @@ static int _handle_client(struct client_sess *sess, struct server_state *state) sess->buf[sess->buf_size] = '\0'; if (!sess->got_http_header) { ret = parse_http_header(sess); - if (ret) + if (ret) { send_error_and_close(400, sess, state); + return 0; + } if (!sess->got_http_header) return 0; } -- Ammar Faizi