d4708/opentracker
1
0
Fork 0
mirror of git://erdgeist.org/opentracker synced 2025-01-15 01:12:07 +00:00
Code Issues Projects Releases Wiki Activity

Let's give a damn about syntactical correctness of peer's http strings. It's too expensive on both sides to check and to reject.

Browse Source
This commit is contained in:
erdgeist 2008-12-05 20:34:24 +00:00
parent 7120799379
commit 23be5c4d55
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ot_http.c
View File

@ -504,10 +504,6 @@ ssize_t http_handle_request( const int64 client_socket, char *data, size_t recv_
/* This one implicitely tests strlen < 5, too -- remember, it is \n terminated */ /* This one implicitely tests strlen < 5, too -- remember, it is \n terminated */
if( byte_diff( data, 5, "GET /") ) HTTPERROR_400; if( byte_diff( data, 5, "GET /") ) HTTPERROR_400;
/* Query string MUST terminate with SP -- we know that theres at least a '\n' where this search terminates */
for( c = data + 5; *c!=' ' && *c != '\t' && *c != '\n' && *c != '\r'; ++c ) ;
if( *c != ' ' ) HTTPERROR_400;
/* Skip leading '/' */ /* Skip leading '/' */
for( c = data+4; *c == '/'; ++c); for( c = data+4; *c == '/'; ++c);