diff options
| author | Jan Kneschke <jan@kneschke.de> | 2005-10-02 21:50:51 +0000 |
|---|---|---|
| committer | Jan Kneschke <jan@kneschke.de> | 2005-10-02 21:50:51 +0000 |
| commit | ac7db634f6d7b8ab3c7fb20f7cf7dec60119a037 (patch) | |
| tree | a92297fa3358694ab9a382e23f1a1175e0143618 | |
| parent | ef8f508a5fe949e9b9a3f1b9f8d20d7e585dede1 (diff) | |
| download | lighttpd-git-ac7db634f6d7b8ab3c7fb20f7cf7dec60119a037.tar.gz | |
detect empty URIs in requests as bad request, status 400
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@773 152afb58-edef-0310-8abb-c4023f1b3aa9
| -rw-r--r-- | src/buffer.c | 5 | ||||
| -rw-r--r-- | src/request.c | 15 | ||||
| -rwxr-xr-x | tests/core-request.t | 16 | ||||
| -rwxr-xr-x | tests/prepare.sh | 1 |
4 files changed, 36 insertions, 1 deletions
diff --git a/src/buffer.c b/src/buffer.c index 7019beb4..9af4a238 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -893,6 +893,11 @@ int buffer_path_simplify(buffer *dest, buffer *src) } *(out++) = pre1; + if (pre1 == '\0') { + dest->used = (out - start) + 1; + return 0; + } + while (1) { if (c == '/' || c == '\0') { toklen = out - slash; diff --git a/src/request.c b/src/request.c index 966b00e5..5ff7f733 100644 --- a/src/request.c +++ b/src/request.c @@ -483,6 +483,21 @@ int http_request_parse(server *srv, connection *con) { } in_folding = 0; + + if (con->request.uri->used == 1) { + con->http_status = 400; + con->response.keep_alive = 0; + con->keep_alive = 0; + + log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400"); + if (srv->srvconf.log_request_header_on_error) { + log_error_write(srv, __FILE__, __LINE__, "Sb", + "request-header:\n", + con->request.request); + } + return 0; + } + for (; i < con->parse_request->used && !done; i++) { char *cur = con->parse_request->ptr + i; diff --git a/tests/core-request.t b/tests/core-request.t index f6a486aa..f4db9376 100755 --- a/tests/core-request.t +++ b/tests/core-request.t @@ -8,7 +8,7 @@ BEGIN { use strict; use IO::Socket; -use Test::More tests => 31; +use Test::More tests => 33; use LightyTest; my $tf = LightyTest->new(); @@ -259,6 +259,20 @@ EOF $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Content-Type' => 'application/octet-stream' } ]; ok($tf->handle_http($t) == 0, 'Content-Type - unknown'); +$t->{REQUEST} = ( <<EOF +GET HTTP/1.0 +EOF + ); +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ]; +ok($tf->handle_http($t) == 0, 'empty request-URI'); + +$t->{REQUEST} = ( <<EOF +GET /Foo.txt HTTP/1.0 +EOF + ); +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; +ok($tf->handle_http($t) == 0, 'uppercase filenames'); + ok($tf->stop_proc == 0, "Stopping lighttpd"); diff --git a/tests/prepare.sh b/tests/prepare.sh index 3ac4943b..d7e38ab6 100755 --- a/tests/prepare.sh +++ b/tests/prepare.sh @@ -41,6 +41,7 @@ cp $srcdir/lighttpd.htpasswd $tmpdir/ cp $srcdir/var-include-sub.conf $tmpdir/../ touch $tmpdir/servers/www.example.org/pages/image.jpg \ $tmpdir/servers/www.example.org/pages/image.JPG \ + $tmpdir/servers/www.example.org/pages/Foo.txt \ $tmpdir/servers/www.example.org/pages/a printf "%-40s" "preparing infrastructure" |