From 85daa67bc2e0abc7c9661f7652a462185dd7f6b5 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 25 Mar 2013 23:27:00 +0100
Subject: httpd: don't allow tabs and multiple spaces in request string

HTTP standard doesn't allow it and no sane clients should ever use it.

function                                             old     new   delta
handle_incoming_and_exit                            2795    2785     -10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 networking/httpd.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'networking')

diff --git a/networking/httpd.c b/networking/httpd.c
index 1934bb27e..b46eb0fab 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -1964,7 +1964,9 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
 		send_headers_and_exit(HTTP_BAD_REQUEST);
 
 	/* Determine type of request (GET/POST) */
-	urlp = strpbrk(iobuf, " \t");
+	// rfc2616: method and URI is separated by exactly one space
+	//urlp = strpbrk(iobuf, " \t"); - no, tab isn't allowed
+	urlp = strchr(iobuf, ' ');
 	if (urlp == NULL)
 		send_headers_and_exit(HTTP_BAD_REQUEST);
 	*urlp++ = '\0';
@@ -1982,7 +1984,8 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
 	if (strcasecmp(iobuf, request_GET) != 0)
 		send_headers_and_exit(HTTP_NOT_IMPLEMENTED);
 #endif
-	urlp = skip_whitespace(urlp);
+	// rfc2616: method and URI is separated by exactly one space
+	//urlp = skip_whitespace(urlp); - should not be necessary
 	if (urlp[0] != '/')
 		send_headers_and_exit(HTTP_BAD_REQUEST);
 
-- 
cgit v1.2.3