diff options
| -rw-r--r-- | hittpd.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/hittpd.c b/hittpd.c index 1cc12c0..afee1ac 100644 --- a/hittpd.c +++ b/hittpd.c @@ -467,7 +467,7 @@ on_message_complete(http_parser *p) { char path[PATH_MAX]; char name[PATH_MAX + 128]; - char *s = data->path, *t = path; + char *s = data->path, *t = path, *pe = path + sizeof path - 1; for (size_t i = 0; s[i]; i++) { if (s[i] == '%') { @@ -514,6 +514,11 @@ on_message_complete(http_parser *p) { } else { *t++ = s[i]; } + + if (t >= pe) { + send_error(p, 413, "Payload Too Large"); + return 0; + } } *t = 0; |