Skip to content

Commit

Permalink
Parse Request buffer protection
Browse files Browse the repository at this point in the history 
md5sum a.out
17d724d9768074eff22661e05f7a69c3  a.out

Realized was checking i against the FIRSTLINEBUFFSIZE and not methodLoc,
updating so we don't accidently miss data in the request string.
  • Loading branch information
@EdgeCaseBerg
EdgeCaseBerg committed Jan 13, 2014
1 parent 03cf16b commit a3d70b7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/network/net.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,7 @@ int parseRequest(struct http_request * requestToFill, char * requestStr){
/*Determine actual content length */
contentLength+=strlen("Content-Length: "); /* Skip the text */
methodLoc=0; /* ReUsing again */
for(i=contentLength; i < FIRSTLINEBUFFSIZE && requestStr[i] != '\0' && requestStr[i] != '\r'; ++i)
for(i=contentLength; methodLoc < FIRSTLINEBUFFSIZE && requestStr[i] != '\0' && requestStr[i] != '\r'; ++i)
buff[methodLoc++] = requestStr[i];
buff[i] = '\0';
/* Attempt to parse: */
Expand Down

0 comments on commit a3d70b7

Please sign in to comment.