author | OpenGnSys Support Team <soporte-og@soleta.eu> | 2019-08-28 16:34:00 +0200 |
---|---|---|
committer | OpenGnSys Support Team <soporte-og@soleta.eu> | 2019-08-28 17:16:01 +0200 |
commit | d8a2d5f4df14d4c91798cc33f54419c993b08c38 (patch) | |
tree | c39d59bfdba19367f59c4c296dc364d16d3b115c /admin | |
parent | c935fc90661df5d4fa9658d6d97c2f99a36c8704 (diff) |
#915 close connection to REST API if request is too long
If REST API request length is >= 4096 bytes, close the connection.
Diffstat (limited to 'admin')
-rw-r--r-- | admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp b/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp
index 2168a5c2..75f0a2c4 100644
--- a/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp
+++ b/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp
@@ -122,6 +122,8 @@ enum og_client_state {
 OG_CLIENT_PROCESSING_REQUEST,
 };
+#define OG_MSG_REQUEST_MAXLEN 4096
+
 /* Shut down connection if there is no complete message after 10 seconds. */
 #define OG_CLIENT_TIMEOUT 10
@@ -130,7 +132,7 @@ struct og_client {
 struct ev_timer timer;
 struct sockaddr_in addr;
 enum og_client_state state;
- char buf[4096];
+ char buf[OG_MSG_REQUEST_MAXLEN];
 unsigned int buf_len;
 unsigned int msg_len;
 int keepalive_idx;
@@ -4193,6 +4195,11 @@ static void og_client_read_cb(struct ev_loop *loop, struct ev_io *io, int events
 ev_timer_again(loop, &cli->timer);
 cli->buf_len += ret;
+ if (cli->buf_len >= sizeof(cli->buf)) {
+ syslog(LOG_ERR, "client request from %s:%hu is too long\n",
+ inet_ntoa(cli->addr.sin_addr), ntohs(cli->addr.sin_port));
+ goto close;
+ }
 switch (cli->state) {
 case OG_CLIENT_RECEIVING_HEADER: |
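Review bot: The new `cli->buf_len >= sizeof(cli->buf)` test in og_client_read_cb runs after `cli->buf_len += ret`, so it only detects a buffer that is already full and cannot by itself keep the read from writing past `buf`. That is safe only if the read call above the hunk is given `sizeof(cli->buf) - cli->buf_len` as its length, which is not visible here and should be confirmed. Because the comparison is `>=`, a request of exactly OG_MSG_REQUEST_MAXLEN bytes is rejected too, so the real limit is one byte less than the macro name suggests. A comment on the check would record the intent, for example `/* buffer is full and there is still no complete request: drop the client instead of parsing a truncated message */`. The function starts and ends outside the hunk.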