summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeah Neukirchen <leah@vuxu.org>2020-05-09 18:34:06 +0200
committerLeah Neukirchen <leah@vuxu.org>2020-05-09 18:34:06 +0200
commit1910c5c58090187f77cfefd5cde7c279d658bb85 (patch)
tree24c37fd2fd04beb805d5f3d2081d2821bd143a6a
parent054048798664555a1c08a1a1c358468f941e27d8 (diff)
downloadhittpd-1910c5c58090187f77cfefd5cde7c279d658bb85.tar.gz
hittpd-1910c5c58090187f77cfefd5cde7c279d658bb85.tar.xz
hittpd-1910c5c58090187f77cfefd5cde7c279d658bb85.zip
detect too big header generation
-rw-r--r--hittpd.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/hittpd.c b/hittpd.c
index 13306fe..7ea8592 100644
--- a/hittpd.c
+++ b/hittpd.c
@@ -299,11 +299,22 @@ send_response(http_parser *p, int status, const char *msg,
 	    now,
 	    extra_headers);
 
-	if (!(status == 204 || status == 304))
+	if (len >= (int)sizeof buf) {
+		send_error(p, 413, "Payload Too Large");
+		return;
+	}
+
+	if (!(status == 204 || status == 304)) {
 		len += snprintf(buf + len, sizeof buf - len,
 		    "Content-Length: %jd\r\n",
 		    content_length(data));
 
+		if (len >= (int)sizeof buf) {
+			send_error(p, 413, "Payload Too Large");
+			return;
+		}
+	}
+
 	len += snprintf(buf + len, sizeof buf - len,
 	    "\r\n"
 	    "%s",