authorame <[email protected]>2024-09-08 01:51:33 -0500
committerame <[email protected]>2024-09-08 01:51:33 -0500
commit6ca752754556c44c485c4534b5f3453c7a1490c7 (patch)
tree0941743962fbde6365a1743911946f33a2bab8fb /src/net
parent06ff4bff333283831b0389558b2617a9c2351413 (diff)
net hardening
Diffstat (limited to 'src/net')
-rw-r--r--src/net/common.h1
-rw-r--r--src/net/util.c20
2 files changed, 17 insertions, 4 deletions
diff --git a/src/net/common.h b/src/net/common.h
index 04447f1..4120734 100644
--- a/src/net/common.h
+++ b/src/net/common.h
@@ -22,6 +22,7 @@
#define max_con 200
//2^42
+#define MAX_HEADER_SIZE (1<<20)
#define BUFFER_SIZE 20000
#define HTTP_BUFFER_SIZE 4098
#define max_content_length 200000
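Review bot: The new `MAX_HEADER_SIZE` has no comment of its own and, as rendered here, follows the existing `//2^42` line, which does not describe it (`1<<20` is 2^20, i.e. 1 MiB). In the util.c hunk of this commit the limit is compared against the running `len` before the `*header_eof == -1` test, so it caps everything `recv_full_buffer` has accumulated, not only the header. A comment such as `/* hard cap (1 MiB) on bytes recv_full_buffer will buffer for one request */` would make that explicit.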
diff --git a/src/net/util.c b/src/net/util.c
index 213be9f..36f6d39 100644
--- a/src/net/util.c
+++ b/src/net/util.c
@@ -47,6 +47,10 @@ int64_t recv_full_buffer(int client_fd, char** _buffer, int* header_eof, int* st
}
len += n;
+ if(len >= MAX_HEADER_SIZE){
+ *_buffer = buffer;
+ return -2;//p_fatal("too large");
+ }
if(*header_eof == -1){
buffer = realloc(buffer, len + BUFFER_SIZE + 1);
memset(buffer + len, 0, n + 1);
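Review bot: The `realloc` just below the new size check still assigns straight to `buffer` and its result is never tested, so an allocation failure loses the old block and lets `memset(buffer + len, 0, n + 1)` write through a NULL base. How far this path grows is driven by what the peer sends, so it is worth handling here: `char* tmp = realloc(buffer, len + BUFFER_SIZE + 1);`, `if(tmp == NULL){ *_buffer = buffer; return -2; }`, `buffer = tmp;`. The new `-2` return also hands the buffer back through `*_buffer`; the callers are not visible in this hunk, so confirm they free it and treat `-2` as a rejected request. The body of `recv_full_buffer` starts and ends outside the hunk.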
@@ -80,7 +84,14 @@ int parse_header(char* buffer, int header_eof, parray_t** _table){
str_clear(current);
item++;
if(buffer[oi] == '\n') break;
- } else str_pushl(current, buffer + oi, 1);
+ } else {
+ str_pushl(current, buffer + oi, 1);
+ }
+ }
+
+ if(item != 3){
+ *_table = table;
+ return -1;
}
int key = 1;
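Review bot: The early `return -1` added for `item != 3` skips the `str_free(current)` that the normal exit of `parse_header` performs, so each rejected request line appears to leak `current`. Malformed request lines are exactly what a misbehaving client can send repeatedly, so the error path should release it: `if(item != 3){ str_free(current); *_table = table; return -1; }`. Whether other allocations are live at this point cannot be seen from the hunk, because the function begins above it.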
@@ -103,10 +114,12 @@ int parse_header(char* buffer, int header_eof, parray_t** _table){
continue;
} else str_pushl(current, buffer + i, 1);
}
- parray_set(table, sw->c, (void*)str_init(current->c));
+ if(sw != NULL){
+ parray_set(table, sw->c, (void*)str_init(current->c));
+ str_free(sw);
+ }
str_free(current);
- if(sw != NULL) str_free(sw);
*_table = table;
return 0;
}
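Review bot: With the new `if(sw != NULL)` guard, a NULL `sw` makes the function drop whatever is in `current` and still return 0, and nothing documents that case. If `sw` is NULL only when the last line never produced a key (an inference, since its assignment is outside the hunk), either say so with a comment such as `/* no pending key: nothing to store for the final line */`, or return -1 there as the `item != 3` check does for a malformed request line. The loop that fills `current` starts above the hunk.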
@@ -135,7 +148,6 @@ void http_build(str** _dest, int code, char* code_det, char* header_vs, char* co
*
*/
void http_code(int code, char* code_det){
- //this was done with a script btw
switch(code){
case 100: sprintf(code_det,"Continue"); break;
case 101: sprintf(code_det,"Switching Protocols"); break;