summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeah Neukirchen <leah@vuxu.org>2022-02-07 15:17:19 +0100
committerLeah Neukirchen <leah@vuxu.org>2022-02-07 15:17:19 +0100
commit607909fd9f2495757e50a1480db2ccc1beb4920e (patch)
tree04ed472b07145e7f247ca981fee216d83791530e
parent22c4b19416a86f9218d1832bc2519cfb97c1535f (diff)
downloadhittpd-607909fd9f2495757e50a1480db2ccc1beb4920e.tar.gz
hittpd-607909fd9f2495757e50a1480db2ccc1beb4920e.tar.xz
hittpd-607909fd9f2495757e50a1480db2ccc1beb4920e.zip
send 400 bad request and drop connection on http parse errors HEAD master
Reported by @ellcs.

Closes #2.
-rw-r--r--hittpd.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/hittpd.c b/hittpd.c
index 0a243b4..7a979a4 100644
--- a/hittpd.c
+++ b/hittpd.c
@@ -263,6 +263,9 @@ accesslog(http_parser *p, int status)
 
 	struct conn_data *data = p->data;
 
+	if (!data->path)
+		return;
+
 	char logtimestamp[64];
 	strftime(logtimestamp, sizeof logtimestamp,
 	    "[%d/%b/%Y:%H:%M:%S %z]", localtime(&now));
@@ -350,6 +353,11 @@ send_error(http_parser *p, int status, const char *msg)
 	char content[512];
 	snprintf(content, sizeof content, "%03d %s\r\n", status, msg);
 
+	if (p->http_major == 0) {
+		p->http_major = 1;
+		p->http_minor = 0;
+	}
+
 	send_response(p, status, msg, "", content);
 
 	return 0;
@@ -933,6 +941,9 @@ read_client(int i)
 			// we handled a complete request, we can reuse
 			// the parser
 			http_parser_pause(&parsers[i], 0);
+		} else if (HTTP_PARSER_ERRNO(&parsers[i]) > 0) {
+			send_error(&parsers[i], 400, "Bad Request");
+			close_connection(i);
 		} else {
 			// the read data was longer than a single request
 			// drop the rest and make sure we close the connection,