RTOS/rtems
1
0
Fork 0
forked from Imagelibrary/rtems
Code Pull Requests Activity

2006-02-08 Thomas Rauscher <trauscher@loytec.com>

Browse Source 
PR 890/networking
	* rtems_webserver/webs.c: The webservers enters an infinite loop when a
	POST request with less data than indicated in the Content-Length
	header is received. It also consumes additional heap memory and a
	file descriptor for each invalid POST.
This commit is contained in:
Joel Sherrill
2006-02-08 16:15:09 +00:00
parent 23e7d30803
commit 45a71c9d90
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
c/src/libnetworking/ChangeLog
View File

@@ -1,3 +1,11 @@
2006-02-08 Thomas Rauscher <trauscher@loytec.com>
PR 890/networking
* rtems_webserver/webs.c: The webservers enters an infinite loop when a
POST request with less data than indicated in the Content-Length
header is received. It also consumes additional heap memory and a
file descriptor for each invalid POST.
2005-05-20 Sergei Organov <osv@topconrd.ru>
PR 750/networking

5
c/src/libnetworking/rtems_webserver/webs.c
View File

@@ -565,6 +565,11 @@ static int websGetInput(webs_t wp, char_t **ptext, int *pnbytes)
return -1;
} else if (nbytes == 0) { /* EOF or No data available */
/* Bugfix for POST DoS attack with invalid content length */
if (socketEof(wp->sid)) {
websDone(wp, 0);
}
/* End of bugfix */
return -1;
} else { /* Valid data */