authorJoel Sherrill <joel.sherrill@OARcorp.com>2006-02-08 16:16:42 +0000
committerJoel Sherrill <joel.sherrill@OARcorp.com>2006-02-08 16:16:42 +0000
commit2eaf499375918fca4055c9463263ea48078370b0 (patch)
tree26f0c476e710f8f340f07fb9138bc58f559e8205 /cpukit/httpd
parent2006-02-08 Joel Sherrill <joel@OARcorp.com> (diff)
downloadrtems-2eaf499375918fca4055c9463263ea48078370b0.tar.bz2
2006-02-08 Thomas Rauscher <trauscher@loytec.com>
PR 890/networking * httpd/webs.c: The webserver enters an infinite loop when a POST request with less data than indicated in the Content-Length header is received. It also consumes additional heap memory and a file descriptor for each invalid POST.
Diffstat (limited to 'cpukit/httpd')
-rw-r--r--cpukit/httpd/webs.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/cpukit/httpd/webs.c b/cpukit/httpd/webs.c
index 9073fe8b7c..4465a72afe 100644
--- a/cpukit/httpd/webs.c
+++ b/cpukit/httpd/webs.c
@@ -583,6 +583,11 @@ static int websGetInput(webs_t wp, char_t **ptext, int *pnbytes)
return -1;
} else if (nbytes == 0) { /* EOF or No data available */
+ /* Bugfix for POST DoS attack with invalid content length */
+ if (socketEof(wp->sid)) {
+ websDone(wp, 0);
+ }
+ /* End of bugfix */
return -1;
} else { /* Valid data */
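Review bot: The new `socketEof(wp->sid)` check in the `nbytes == 0` branch releases the request only when the peer has closed the connection. A client that sends a short POST body and then keeps the socket open still reaches the plain `return -1;` and holds its heap and descriptor; the hunk does not show whether an inactivity timeout elsewhere reclaims such a request, so that is worth confirming. Since `websDone(wp, 0)` presumably tears the request down, callers of `websGetInput` should also be checked for any use of `wp` after a `-1` return. The bracketing `Bugfix` / `End of bugfix` comments would read better as a single why-comment such as `/* Peer closed before Content-Length bytes arrived: finish the request so its memory and descriptor are freed */`. The body of `websGetInput` starts and ends outside this hunk.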