48k.eu-mirror
/
ogserver
mirror of https://git.48k.eu/ogserver
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

#915 close connection to REST API if request is too long 

If REST API request length is >= 4096 bytes, close the connection.
master
OpenGnSys Support Team 2019-08-28 16:34:00 +02:00
parent 881f532ee1
commit 20dcb0a906
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sources/ogAdmServer.cpp
View File

@ -122,6 +122,8 @@ enum og_client_state {
OG_CLIENT_PROCESSING_REQUEST, OG_CLIENT_PROCESSING_REQUEST,
}; };
#define OG_MSG_REQUEST_MAXLEN 4096
/* Shut down connection if there is no complete message after 10 seconds. */ /* Shut down connection if there is no complete message after 10 seconds. */
#define OG_CLIENT_TIMEOUT 10 #define OG_CLIENT_TIMEOUT 10
@ -130,7 +132,7 @@ struct og_client {
struct ev_timer timer; struct ev_timer timer;
struct sockaddr_in addr; struct sockaddr_in addr;
enum og_client_state state; enum og_client_state state;
char buf[4096]; char buf[OG_MSG_REQUEST_MAXLEN];
unsigned int buf_len; unsigned int buf_len;
unsigned int msg_len; unsigned int msg_len;
int keepalive_idx; int keepalive_idx;
@ -4193,6 +4195,11 @@ static void og_client_read_cb(struct ev_loop *loop, struct ev_io *io, int events
ev_timer_again(loop, &cli->timer); ev_timer_again(loop, &cli->timer);
cli->buf_len += ret; cli->buf_len += ret;
if (cli->buf_len >= sizeof(cli->buf)) {
syslog(LOG_ERR, "client request from %s:%hu is too long\n",
inet_ntoa(cli->addr.sin_addr), ntohs(cli->addr.sin_port));
goto close;
}
switch (cli->state) { switch (cli->state) {
case OG_CLIENT_RECEIVING_HEADER: case OG_CLIENT_RECEIVING_HEADER: