haiwan
/
http-parser
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix http_parser.nread off-by-one accounting error.

Browse Source 
Fixes: https://github.com/nodejs/http-parser/issues/426
PR-URL: https://github.com/nodejs/http-parser/pull/427
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
make-http-max-header-size-gyp-configurable
Ben Noordhuis 7 years ago
parent a1e0c3a2da
commit a7c2e8626b
2 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File

9
http_parser.c
Unescape View File

@ -1339,13 +1339,14 @@ reexecute:
} }
} }
COUNT_HEADER_SIZE(p - start);
if (p == data + len) { if (p == data + len) {
--p; --p;
COUNT_HEADER_SIZE(p - start);
break; break;
} }
COUNT_HEADER_SIZE(p - start);
if (ch == ':') { if (ch == ':') {
UPDATE_STATE(s_header_value_discard_ws); UPDATE_STATE(s_header_value_discard_ws);
CALLBACK_DATA(header_field); CALLBACK_DATA(header_field);
@ -1634,10 +1635,10 @@ reexecute:
} }
parser->header_state = h_state; parser->header_state = h_state;
COUNT_HEADER_SIZE(p - start);
if (p == data + len) if (p == data + len)
--p; --p;
COUNT_HEADER_SIZE(p - start);
break; break;
} }

17
test.c
Unescape View File

@ -3388,8 +3388,17 @@ test_message (const struct message *message)
size_t msg2len = raw_len - msg1len; size_t msg2len = raw_len - msg1len;
if (msg1len) { if (msg1len) {
assert(num_messages == 0);
messages[0].headers_complete_cb_called = FALSE;
read = parse(msg1, msg1len); read = parse(msg1, msg1len);
if (!messages[0].headers_complete_cb_called && parser.nread != read) {
assert(parser.nread == read);
print_error(msg1, read);
abort();
}
if (message->upgrade && parser.upgrade && num_messages > 0) { if (message->upgrade && parser.upgrade && num_messages > 0) {
messages[num_messages - 1].upgrade = msg1 + read; messages[num_messages - 1].upgrade = msg1 + read;
goto test; goto test;
@ -3898,8 +3907,16 @@ test_scan (const struct message *r1, const struct message *r2, const struct mess
strlncpy(buf3, sizeof(buf1), total+j, buf3_len); strlncpy(buf3, sizeof(buf1), total+j, buf3_len);
buf3[buf3_len] = 0; buf3[buf3_len] = 0;
assert(num_messages == 0);
messages[0].headers_complete_cb_called = FALSE;
read = parse(buf1, buf1_len); read = parse(buf1, buf1_len);
if (!messages[0].headers_complete_cb_called && parser.nread != read) {
print_error(buf1, read);
goto error;
}
if (parser.upgrade) goto test; if (parser.upgrade) goto test;
if (read != buf1_len) { if (read != buf1_len) {

Write Preview
Loading…
Cancel
Save